With the G-code Start Script method, the feature still needs to be activated in the firmware as described in Saving the K-Factor in the Firmware. It is recommended to set #define LIN_ADVANCE_K to 0, which effectively disables the hard-coded firmware value. In this case only the K-Factor set via the start script is used.
Search CVE List Downloads Data Feeds Update a CVE Record Request CVE IDs TOTAL CVE Records: 194832 NOTICE: Transition to the all-new CVE website at WWW.CVE.ORG and CVE Record Format JSON are underway.NOTICE: Changes are coming to CVE List Content Downloads in 2023. .alignright text-align: right;font-size: x-small; Home > CVE > Search Results Search ResultsThere are 679 CVE Records that match your search.NameDescriptionCVE-2022-48108D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload.CVE-2022-48107D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload.CVE-2022-47035Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint.CVE-2022-46642D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.CVE-2022-46641D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.CVE-2022-46570D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module.CVE-2022-46569D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module.CVE-2022-46568D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.CVE-2022-46566D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module.CVE-2022-46563D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module.CVE-2022-46562D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module.CVE-2022-46561D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module.CVE-2022-46560D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module.CVE-2022-46552D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.CVE-2022-46476D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function.CVE-2022-46475D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.CVE-2022-46076D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.CVE-2022-44930D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.CVE-2022-44929An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.CVE-2022-44928D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function.CVE-2022-44832D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function.CVE-2022-44808A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.CVE-2022-44807D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.CVE-2022-44806D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.CVE-2022-44804D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.CVE-2022-44801D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.CVE-2022-44204D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.CVE-2022-44202D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.CVE-2022-44201D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.CVE-2022-43184D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.CVE-2022-43109D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.CVE-2022-43003D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.CVE-2022-43002D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.CVE-2022-43001D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function.CVE-2022-43000D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4.CVE-2022-42999D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.CVE-2022-42998D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.CVE-2022-42161D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.CVE-2022-42160D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.CVE-2022-42159D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator.CVE-2022-42156D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.CVE-2022-41140This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lighttpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13796.CVE-2022-40799Data Integrity Failure in 'Backup Config' in D-Link DNR-322L
Firmware Dir 412 B1 Fw 02 28
Third party boards are designed, sold and supported by companies who help to support Espruino's continued development. They may or may not come with Espruino pre-installed, however we ensure that up to date firmware for these boards is available so you always have access to the newest features.
The Espruino firmware is available for these boards, however it is maintained by the Espruino community. There is no support from either Espruino or the original manufacturers, although you can always ask in the 'Other Boards' forum. Online services like the JavaScript compiler and Inline C are also not available for these boards.
Note: In 2v15 firmware and earlier the heading is inverted (360-heading). There'sa fix in the bootloader which will apply a fix for those headings, but old apps maystill expect an inverted value.
Note: This password is stored in memory in plain text. If someone is able toexecute arbitrary JavaScript code on the device (e.g., you use eval on inputfrom unknown sources) or read the device's firmware then they may be able toobtain it.
In December 2010 I bought an ASUS RT-N13U wireless router for the specific purpose of using it to connect to the 3G network, for which it was advertised. It does not fulfil the requirements. The device came with Beta firmware and incorrect instructions, and produced error messages in Chinese, independent of the language settings. It also refused to accept any IP address except RFC 1918 addresses, which are useless for my situation. After finding out how to upgrade the firmware (those instructions were incorrect too), the Chinese messages disappeared. The RFC 1918 problem remained.
My overall experience: ASUS is a mess! They deliver equipment with beta firmware, theirdocumentation doesn't match their equipment, their implementations are sloppy, even theirmail messages show serious breakage. There's much more detail below.
My attempts to connect with the 3G network yesterday ended with a failed attempt to upgrade the firmware in this terminally broken ASUS RT-N13U router. Tried again today, in the process noting the messages that appeared during normal startup:
2ff7e9595c
Comments