{"uuid": "bcb0b9e2-4e67-4752-8d20-2efaf2b905c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41140", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10940", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zero-Day (Untested code): CVE-2022-41140 - D-Link router preauth Stack-based BOF RCE (authentication is not required to exploit this vulnerability).\n\nVulnerability exploitation requires to exit the main loop. At the moment no proper way to exit hence we forced it used the following command line.\n$ gdb -batch -ex \"attach `pgrep prog.cgi`\" -ex \"b *0x00429508\" -ex \"continue\" -ex \"j *0x00429538\" -ex \u201ci f\u201d -ex \"p/x $ra\"", "creation_timestamp": "2023-04-21T14:53:18.000000Z"}