CVE-2023-44808
https://notcve.org/view.php?id=CVE-2023-44808
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. D-Link DIR-820L 1.05B03 tiene una vulnerabilidad de desbordamiento de pila en la función sub_4507CC. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug3.md • CWE-787: Out-of-bounds Write •
CVE-2023-44809
https://notcve.org/view.php?id=CVE-2023-44809
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. El dispositivo D-Link DIR-820L 1.05B03 es vulnerable a permisos inseguros. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug1.md • CWE-269: Improper Privilege Management •
CVE-2023-44807
https://notcve.org/view.php?id=CVE-2023-44807
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. D-Link DIR-820L 1.05B03 tiene una vulnerabilidad de desbordamiento de pila en la función de cancelPing. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug2.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVE-2022-26258 – D-Link DIR-820L Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26258
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. Se ha detectado que D-Link DIR-820L versión 1.05B03, contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro Device Name en el archivo /lan.asp D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution. • http://dir-820l.com http://dlink.com https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0 https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2015-1187 – D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1187
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. La herramienta de ping en múltiples dispositivos D-Link y TRENDnet permite que los atacantes remotos ejecuten código arbitrario mediante el parámetro ping_addr a ping.ccp. D-Link DIR636L suffers from a remote command injection vulnerability. The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution. • https://www.exploit-db.com/exploits/41677 http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html http://seclists.org/fulldisclosure/2015/Mar/15 http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052 http://www.securityfocus.com/bid/72848 https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2 https://seclists.org/fulldisclosure/2015/Mar/15 • CWE-287: Improper Authentication •