Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dhcp vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-27001
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
10
CVSSv2
CVE-2020-11897
The Treck TCP/IP stack prior to 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
Treck Tcp\\/ip
1 Github repository
1 Article
10
CVSSv2
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Aff...
Yachtcontrol Yachtcontrol
10
CVSSv2
CVE-2011-2717
The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.
Linux Dhcp6c
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
10
CVSSv2
CVE-2011-1930
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote malicious user to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DH...
Klibc Project Klibc
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 EDB exploit
10
CVSSv2
CVE-2019-7095
Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Digital Editions
1 Article
10
CVSSv2
CVE-2018-0035
QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Enviro...
Juniper Junos 15.1x53
10
CVSSv2
CVE-2017-13208
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed f...
Google Android 6.0.1
Google Android 7.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 6.0
Google Android 8.0
Google Android 5.1.1
Google Android 8.1
1 Github repository
10
CVSSv2
CVE-2017-12240
The DHCP relay subsystem of Cisco IOS 12.2 up to and including 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote malicious user to execute arbitrary code and gain full control of an affected system. The attacker could also cause a...
Cisco Ios 12.1\\(5a\\)
Cisco Ios 15.5\\(3\\)m4
Cisco Ios 12.3\\(2\\)t1
Cisco Ios 12.2\\(20\\)se2
Cisco Ios 15.3\\(3\\)ja1m
Cisco Ios 12.3\\(9d\\)
Cisco Ios 12.3\\(1\\)
Cisco Ios 12.4\\(4\\)xc5
Cisco Ios 12.2\\(58\\)se1
Cisco Ios 12.3\\(7\\)t12
Cisco Ios 12.2\\(2\\)bx1
Cisco Ios 12.4\\(15\\)xl3
Cisco Ios 12.3\\(11\\)ja4
Cisco Ios 12.2\\(2\\)yc1
Cisco Ios 12.2\\(8\\)yw3
Cisco Ios 15.0\\(2\\)ey1
Cisco Ios 12.1\\(10\\)e3
Cisco Ios 12.1\\(10\\)e2
Cisco Ios 12.2\\(46\\)ey
Cisco Ios 12.2\\(2\\)xh1
Cisco Ios 12.4\\(7c\\)
Cisco Ios 12.4\\(3g\\)ja1
10
CVSSv2
CVE-2017-14429
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting g...
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »