CVE-2023-48842
https://notcve.org/view.php?id=CVE-2023-48842
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi. Se descubrió que D-Link Go-RT-AC750 revA_v101b03 contenía una vulnerabilidad de inyección de comandos a través del parámetro de servicio en hedwig.cgi. • https://github.com/creacitysec/CVE-2023-48842 https://drive.google.com/file/d/1y5om__f2SAhNmcPqDxC_SRTvJVAWwPcH/view?usp=drive_link • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2022-36526
https://notcve.org/view.php?id=CVE-2022-36526
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin. D-Link GO-RT-AC750 versiones GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 son vulnerables a una omisión de autenticación por medio de la función phpcgi_main en cgibin. • http://d-link.com https://drive.google.com/file/d/1ji5Ph6c-qgp0lBvbY8BZJjeqbju3VeK8/view?usp=sharing https://www.dlink.com/en/security-bulletin •
CVE-2022-36524
https://notcve.org/view.php?id=CVE-2022-36524
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh. D-Link GO-RT-AC750 versiones GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 son vulnerables a las credenciales estáticas por defecto por medio del archivo /etc/init0.d/S80telnetd.sh. • http://d-link.com https://drive.google.com/file/d/1WNKrDUbYfSWbSve9ONILkLY6dbM8I7hh/view?usp=sharing https://www.dlink.com/en/security-bulletin • CWE-287: Improper Authentication •
CVE-2022-36523
https://notcve.org/view.php?id=CVE-2022-36523
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php. D-Link Go-RT-AC750 versiones GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 son vulnerables a una inyección de comandos por medio del archivo /htdocs/upnpinc/gena.php. • https://drive.google.com/file/d/13D6K0UxNNzbLU4YRPfJc7MAk6iKFICdr/view?usp=sharing https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •