8 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. Un problema en el componente getcfg.php de D-Link DIR816L_FW206b01 permite a atacantes acceder al dispositivo por medio de una carga útil diseñada • https://github.com/shijin0925/IOT/blob/master/DIR816/4.md https://www.dlink.com/en/security-bulletin •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 1

An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. Un problema de control de acceso en D-Link DIR816L_FW206b01 permite a atacantes no autenticados acceder a las carpetas folder_view.php y category_view.php • https://github.com/shijin0925/IOT/blob/master/DIR816/1.md https://www.dlink.com/en/security-bulletin • CWE-287: Improper Authentication •

CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 1

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header El archivo webinc/js/info.php en dispositivos D-Link DIR-816L versión 2.06.B09_BETA y DIR-803 versión 1.04.B02, permite un ataque de tipo XSS por medio del encabezado HTTP Referer. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor. NOTA: esto típicamente no es explotable debido a la codificación de URL (excepto en Internet Explorer) y porque una página web no puede especificar que un cliente debe realizar una petición HTTP adicional con un encabezado Referer arbitrario • https://github.com/sek1th/iot/blob/master/DIR-816L_XSS.md https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10190 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. Se detectó un problema en los dispositivos D-Link DIR-816L versiones 2.x anteriores a 1.10b04Beta02. Universal Plug and Play (UPnP) está habilitado por defecto en el puerto 1900. • https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10169 https://attackerkb.com/topics/uqicA23ecz/cve-2023-33625 https://github.com/zcutlip/exploit-poc/tree/master/dlink/dir-815-a1/upnp-command-injection https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-rce-in-ssdpcgi-http-st-cve-2019-20215-en-2e799acb8a73 https://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp& • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT. Se detectó un problema en los dispositivos D-Link DIR-816L versiones 2.x anteriores a 1.10b04Beta02. Se presenta una función de administración expuesta en el archivo getcfg.php, que puede ser utilizada para llamar a varios servicios. • https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10169 • CWE-306: Missing Authentication for Critical Function •