D-Link Dcs 932l Firmware

D-Link DCS-932L 2.18.01 CmdInject via AdminID in /setSystemWizard (Crit)
CVE-2025-5573 9.8 - Critical - June 04, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Shell injection

D-Link DCS-932L 2.18.01 - setSystemEmail Buffer Overflow on EmailSMTPPortNumber
CVE-2025-5572 7.5 - High - June 04, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

OS Command Injection via setSystemAdmin in D-Link DCS-932L 2.18.01
CVE-2025-5571 8.8 - High - June 04, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Shell injection

D-Link DCS-932L 2.18.01 critical stack-overflow SubUPnPCSInit CVE-2025-4843
CVE-2025-4843 9.8 - Critical - May 18, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

Critical stack-based overflow in D-Link DCS-932L 2.18.01 /bin/gpio
CVE-2025-4841 9.8 - Critical - May 17, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

D-Link DCS-932L 2.18.01 UCPCameraNameChanged Stack Buffer Overflow Remote
CVE-2025-4842 9.8 - Critical - May 17, 2025

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Memory Corruption

D-Link DCS-932L Camera Stack Overflow Vulnerability
CVE-2024-37606 - December 17, 2024

A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.