CVSS: 9.8EPSS: 68%CPEs: 2EXPL: 1CVE-2018-17787
https://notcve.org/view.php?id=CVE-2018-17787
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function. En dispositivos D-Link DIR-823G, la configuración GoAhead permite una inyección de comandos /HNAP1 mediante metacaracteres shell en los datos POST. Esto se debe a que los datos se envían directamente a la función de biblioteca "system". • https://xz.aliyun.com/t/2834 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2018-17786
https://notcve.org/view.php?id=CVE-2018-17786
On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote attackers to execute arbitrary code. En dispositivos D-Link DIR-823G, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh y upload_firmware.cgi no requieren autenticación, lo que permite que los atacantes remotos ejecuten código arbitrario. • https://xz.aliyun.com/t/2834 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-16408
https://notcve.org/view.php?id=CVE-2018-16408
D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. Los dispositivos D-Link DIR-846 con firmware en versiones 100.26 permiten que atacantes remotos ejecuten código arbitrario como root mediante una petición SetNetworkTomographySettings aprovechando el acceso de administrador. • https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link%20DIR-846%20RCE.md https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-846/RCE_0/D-Link%20DIR-846%20RCE.md https://www.us-cert.gov/ncas/bulletins/SB18-253 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-12103
https://notcve.org/view.php?id=CVE-2018-12103
An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 and earlier, DIR-885L/R with firmware 1.21B03beta01 and earlier, and DIR-895L/R with firmware 1.21B04beta04 and earlier devices (all hardware revisions). Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point. Se ha detectado un fallo en D-Link DIR-890L, con versiones de firmware 1.21B02beta01 y anteriores, en DIR-885L/R, con versiones de firmware 1.21B03beta01 y anteriores, y en DIR-895L/R, con versiones de firmware 1.21B04beta04 y anteriores (en todas las revisiones de hardware). Debido a la previsibilidad del URI /docs/captcha_(number).jpeg, siendo ésta local a la red pero autenticada en el panel de administrador, un atacante puede divulgar los CAPTCHA utilizados por el punto de acceso y puede elegir que se cargue el CAPTCHA de su elección. Esto conduce a intentos de inicio de sesión no autorizados a dicho punto de acceso. • http://seclists.org/fulldisclosure/2018/Jul/13 https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10099 • CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 1CVE-2018-6212
https://notcve.org/view.php?id=CVE-2018-6212
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of the XMLHttpRequest object. En dispositivos D-Link DIR-620 con una determinada variante personalizada (por proveedor de Internet) del firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0 y 2.0.22, es posible un ataque de Cross-Site Scripting (XSS) reflejado como resultado de la falta de filtrado de caracteres especiales en el campo "Search" y el procesamiento erróneo del objeto XMLHttpRequest. • http://www.securitynewspaper.com/2018/05/25/d-link-dir-620-routers-critical-vulnerabilities https://securelist.com/backdoors-in-d-links-backyard/85530 https://securityaffairs.co/wordpress/72839/hacking/d-link-dir-620-flaws.html https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •