CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-34974
https://notcve.org/view.php?id=CVE-2022-34974
D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function. Se ha detectado que D-Link DIR810LA1_FW102B22, contiene una vulnerabilidad de inyección de comandos por medio de la función Ping_addr • https://github.com/1759134370/iot/blob/main/DIR-810L.md https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-34528
https://notcve.org/view.php?id=CVE-2022-34528
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. Se ha detectado que D-Link DSL-3782 versiones v1.03 y anteriores, contienen un desbordamiento de pila por medio de la función getAttrValue • https://github.com/1160300418/Vuls/blob/main/D-Link/DSL-3782/BOF_in_D-Link%20DSL-3782.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-34527
https://notcve.org/view.php?id=CVE-2022-34527
D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. Se ha detectado que D-Link DSL-3782 versiones v1.03 y anteriores, contienen una vulnerabilidad de inyección de comandos por medio de la función byte_4C0160 • https://github.com/1160300418/Vuls/blob/main/D-Link/DSL-3782/CMDi_in_D-Link%20DSL-3782.md https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-32092
https://notcve.org/view.php?id=CVE-2022-32092
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. Se ha detectado que D-Link DIR-645 versión v1.03, contiene una vulnerabilidad de inyección de comandos por medio del parámetro QUERY_STRING en el archivo __ajax_explorer.sgi • https://github.com/fxc233/iot-vul/tree/main/D-Link/DIR-645 https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-18907
https://notcve.org/view.php?id=CVE-2018-18907
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption. Se ha detectado un problema en los dispositivos D-Link DIR-850L versión 1.21WW. Un handshake WPA parcialmente completado es suficiente para obtener un acceso completo a la red inalámbrica. • http://us.dlink.com/security-advisories https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10097 https://www.synopsys.com/blogs/software-security/wpa2-encryption-bypass-defensics-fuzzing • CWE-287: Improper Authentication •