CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5298 – D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5298
D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-449 • CWE-749: Exposed Dangerous Method or Function •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5297 – D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5297
D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-448 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-5295 – D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5295
D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-446 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-5293 – D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5293
D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. ... An attacker can leverage this vulnerability to execute code in the context of root. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-444 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5292 – D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5292
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DNACore service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DNACore service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-443 • CWE-427: Uncontrolled Search Path Element •