CVE-2023-26925
https://notcve.org/view.php?id=CVE-2023-26925
An information disclosure vulnerability exists in the Syslog functionality of D-Link DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information. • https://github.com/laotun-s/POC/blob/main/CVE-2023-26925.txt https://www.dlink.com/en/security-bulletin
CVE-2022-40946 – DLink DIR 819 A1 - Denial of Service
https://notcve.org/view.php?id=CVE-2022-40946
On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request. D-Link DIR 819 A1 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/51053 http://packetstormsecurity.com/files/171484/D-Link-DIR-819-A1-Denial-Of-Service.html https://github.com/whokilleddb/dlink-dir-819-dos https://www.dlink.com/en/security-bulletin
CVE-2023-25281
https://notcve.org/view.php?id=CVE-2023-25281
A stack overflow vulnerability in the pingV4Msg component of D-Link DIR820LA1_FW105B03 allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/stackoverflow%20cancelPing https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write
CVE-2023-25280 – D-Link DIR-820 Router OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-25280
OS command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20in%20pingV4Msg https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-25282
https://notcve.org/view.php?id=CVE-2023-25282
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/Permanent%20DDOS%20vulnerability%20in%20emailInfo https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write