CVSS: 9.8EPSS: 90%CPEs: 2EXPL: 2CVE-2022-26258 – D-Link DIR-820L Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26258
27 Mar 2022 — D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. Se ha detectado que D-Link DIR-820L versión 1.05B03, contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro Device Name en el archivo /lan.asp D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution. • http://dir-820l.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 78%CPEs: 36EXPL: 4CVE-2015-1187 – D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1187
02 Mar 2015 — The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. La herramienta de ping en múltiples dispositivos D-Link y TRENDnet permite que los atacantes remotos ejecuten código arbitrario mediante el parámetro ping_addr a ping.ccp. D-Link DIR636L suffers from a remote command injection vulnerability. The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution. • https://packetstorm.news/files/id/131465 • CWE-287: Improper Authentication •