Search criteria
9 vulnerabilities found for dap-1320_firmware by dlink
FKIE_CVE-2025-1538
Vulnerability from fkie_nvd - Published: 2025-02-21 15:15 - Updated: 2025-02-25 20:54
Severity ?
Summary
A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dap-1320_firmware | 1.0 | |
| dlink | dap-1320 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dap-1320_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD16A696-CC8A-489B-9930-DC3457FEF2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dap-1320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87CC92EB-3439-4FD1-9439-8DFF5D8BCDB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en D-Link DAP-1320 1.00. Esta vulnerabilidad afecta a la funci\u00f3n set_ws_action del archivo /dws/api/. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer basado en el mont\u00f3n. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"id": "CVE-2025-1538",
"lastModified": "2025-02-25T20:54:42.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cna@vuldb.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-02-21T15:15:12.630",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Product"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d?pvs=74"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?ctiid.296479"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.296479"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?submit.497301"
},
{
"source": "cna@vuldb.com",
"tags": [
"Product"
],
"url": "https://www.dlink.com/"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-1539
Vulnerability from fkie_nvd - Published: 2025-02-21 15:15 - Updated: 2025-03-03 16:36
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c | Product | |
| cna@vuldb.com | https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-replace_special_char-Vulnerability-1960448e6195809c94f9fd2ff1f59bcf?pvs=4 | Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.296480 | Permissions Required | |
| cna@vuldb.com | https://vuldb.com/?id.296480 | Permissions Required | |
| cna@vuldb.com | https://vuldb.com/?submit.497496 | Third Party Advisory | |
| cna@vuldb.com | https://www.dlink.com/ | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dap-1320_firmware | 1.0 | |
| dlink | dap-1320 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dap-1320_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD16A696-CC8A-489B-9930-DC3457FEF2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dap-1320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87CC92EB-3439-4FD1-9439-8DFF5D8BCDB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en D-Link DAP-1320 1.00. Este problema afecta a la funci\u00f3n replace_special_char del archivo /storagein.pd-XXXXXX. La manipulaci\u00f3n provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"id": "CVE-2025-1539",
"lastModified": "2025-03-03T16:36:49.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-02-21T15:15:12.830",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Product"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-replace_special_char-Vulnerability-1960448e6195809c94f9fd2ff1f59bcf?pvs=4"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?ctiid.296480"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.296480"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?submit.497496"
},
{
"source": "cna@vuldb.com",
"tags": [
"Product"
],
"url": "https://www.dlink.com/"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-2050
Vulnerability from fkie_nvd - Published: 2015-02-23 17:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050 | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/184100 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/73143 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/184100 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/73143 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dap-1320_firmware | * | |
| dlink | dap-1320 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dap-1320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09491292-992E-4991-9124-7F88911ABF70",
"versionEndIncluding": "1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dap-1320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "955CA33A-382C-4863-9551-AA2FBDE93D1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
},
{
"lang": "es",
"value": "D-Link DAP-1320 Rev Ax con firmware anterior a 1.21b05 permite a atacantes ejecutar comandos arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-2050",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-23T17:59:07.463",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/73143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-1539 (GCVE-0-2025-1539)
Vulnerability from cvelistv5 – Published: 2025-02-21 15:00 – Updated: 2025-02-21 15:42 Unsupported When Assigned
VLAI?
Title
D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow
Summary
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
hand_king (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1539",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-21T15:40:55.478976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:42:32.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DAP-1320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hand_king (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in D-Link DAP-1320 1.00 entdeckt. Davon betroffen ist die Funktion replace_special_char der Datei /storagein.pd-XXXXXX. Durch Manipulieren mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:00:14.905Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-296480 | D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.296480"
},
{
"name": "VDB-296480 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.296480"
},
{
"name": "Submit #497496 | D-Link DAP-1320 1.00 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.497496"
},
{
"tags": [
"exploit"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-replace_special_char-Vulnerability-1960448e6195809c94f9fd2ff1f59bcf?pvs=4"
},
{
"tags": [
"related"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-02-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-21T09:49:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1539",
"datePublished": "2025-02-21T15:00:14.905Z",
"dateReserved": "2025-02-21T08:43:32.227Z",
"dateUpdated": "2025-02-21T15:42:32.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1538 (GCVE-0-2025-1538)
Vulnerability from cvelistv5 – Published: 2025-02-21 15:00 – Updated: 2025-02-21 16:31 Unsupported When Assigned
VLAI?
Title
D-Link DAP-1320 api set_ws_action heap-based overflow
Summary
A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Credits
hand_king (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1538",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-21T16:14:54.242704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T16:31:53.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DAP-1320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hand_king (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "de",
"value": "In D-Link DAP-1320 1.00 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es die Funktion set_ws_action der Datei /dws/api/. Durch das Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:00:08.968Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-296479 | D-Link DAP-1320 api set_ws_action heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.296479"
},
{
"name": "VDB-296479 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.296479"
},
{
"name": "Submit #497301 | D-Link DAP-1320 1.00 Heap-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.497301"
},
{
"tags": [
"related"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d?pvs=74"
},
{
"tags": [
"related"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"tags": [
"exploit"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-02-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-21T09:48:38.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DAP-1320 api set_ws_action heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1538",
"datePublished": "2025-02-21T15:00:08.968Z",
"dateReserved": "2025-02-21T08:43:29.593Z",
"dateUpdated": "2025-02-21T16:31:53.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2050 (GCVE-0-2015-2050)
Vulnerability from cvelistv5 – Published: 2015-02-23 17:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-23T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050",
"refsource": "CONFIRM",
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/184100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2050",
"datePublished": "2015-02-23T17:00:00",
"dateReserved": "2015-02-23T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1539 (GCVE-0-2025-1539)
Vulnerability from nvd – Published: 2025-02-21 15:00 – Updated: 2025-02-21 15:42 Unsupported When Assigned
VLAI?
Title
D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow
Summary
A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
hand_king (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1539",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-21T15:40:55.478976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:42:32.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DAP-1320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hand_king (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in D-Link DAP-1320 1.00 entdeckt. Davon betroffen ist die Funktion replace_special_char der Datei /storagein.pd-XXXXXX. Durch Manipulieren mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:00:14.905Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-296480 | D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.296480"
},
{
"name": "VDB-296480 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.296480"
},
{
"name": "Submit #497496 | D-Link DAP-1320 1.00 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.497496"
},
{
"tags": [
"exploit"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-replace_special_char-Vulnerability-1960448e6195809c94f9fd2ff1f59bcf?pvs=4"
},
{
"tags": [
"related"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-02-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-21T09:49:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1539",
"datePublished": "2025-02-21T15:00:14.905Z",
"dateReserved": "2025-02-21T08:43:32.227Z",
"dateUpdated": "2025-02-21T15:42:32.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1538 (GCVE-0-2025-1538)
Vulnerability from nvd – Published: 2025-02-21 15:00 – Updated: 2025-02-21 16:31 Unsupported When Assigned
VLAI?
Title
D-Link DAP-1320 api set_ws_action heap-based overflow
Summary
A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Credits
hand_king (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1538",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-21T16:14:54.242704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T16:31:53.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DAP-1320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hand_king (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "de",
"value": "In D-Link DAP-1320 1.00 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es die Funktion set_ws_action der Datei /dws/api/. Durch das Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-21T15:00:08.968Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-296479 | D-Link DAP-1320 api set_ws_action heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.296479"
},
{
"name": "VDB-296479 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.296479"
},
{
"name": "Submit #497301 | D-Link DAP-1320 1.00 Heap-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.497301"
},
{
"tags": [
"related"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d?pvs=74"
},
{
"tags": [
"related"
],
"url": "https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c"
},
{
"tags": [
"exploit"
],
"url": "https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-02-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-21T09:48:38.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DAP-1320 api set_ws_action heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1538",
"datePublished": "2025-02-21T15:00:08.968Z",
"dateReserved": "2025-02-21T08:43:29.593Z",
"dateUpdated": "2025-02-21T16:31:53.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2050 (GCVE-0-2015-2050)
Vulnerability from nvd – Published: 2015-02-23 17:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-23T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/184100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050",
"refsource": "CONFIRM",
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/184100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2050",
"datePublished": "2015-02-23T17:00:00",
"dateReserved": "2015-02-23T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}