ZDI-23-1277: D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability

August 25, 2023

Read Time:8 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1278: D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

August 25, 2023

Read Time:8 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1279: D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability

August 25, 2023

Read Time:8 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1280: D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability

August 25, 2023

Read Time:9 Second

This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1221: LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability

August 25, 2023

Read Time:7 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1222: LG LED Assistant setThumbnailRc Directory Traversal Remote Code Execution Vulnerability

August 25, 2023

Read Time:7 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1223: LG LED Assistant thumbnail Directory Traversal Information Disclosure Vulnerability

August 25, 2023

Read Time:7 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-1224: LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability

August 25, 2023

Read Time:7 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.

Advisories

DSA-5483 chromium – security update

August 25, 2023

Read Time:7 Second

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

Cyber Security News

Daily Archives: August 25, 2023

ZDI-23-1277: D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-1278: D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-1279: D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-1280: D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability

ZDI-23-1221: LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability

ZDI-23-1222: LG LED Assistant setThumbnailRc Directory Traversal Remote Code Execution Vulnerability

ZDI-23-1223: LG LED Assistant thumbnail Directory Traversal Information Disclosure Vulnerability

ZDI-23-1224: LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability

DSA-5483 chromium – security update

News, Advisories and much more