VYPR
Critical severity9.8NVD Advisory· Published May 12, 2018· Updated Jun 17, 2026

CVE-2018-10996

CVE-2018-10996

Description

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.