Skip to main content
CVE-2018-10996 CRITICAL POC Act Now

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow D-Link Dir 629 B Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
5.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy