CVSS: 10.0EPSS: 73%CPEs: 2EXPL: 1CVE-2019-7297
https://notcve.org/view.php?id=CVE-2019-7297
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system function with an untrusted input parameter named Address. Consequently, an attacker can execute any command remotely when they control this input. Se ha descubierto un problema en dispositivos D-Link DIR-823G con firmware hasta la versión 1.02B03. • http://www.securityfocus.com/bid/106815 https://github.com/leonW7/D-Link/blob/master/Vul_1.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17881
https://notcve.org/view.php?id=CVE-2018-17881
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change. En dispositivos D-Link DIR-823G 2018-09-19, la configuración GoAhead permite comandos /HNAP1 SetPasswdSettings sin autenticación para desencadenar un cambio de contraseña de administrador. • https://xz.aliyun.com/t/2834#toc-5 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17880
https://notcve.org/view.php?id=CVE-2018-17880
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot. En dispositivos D-Link DIR-823G 2018-09-19, la configuración GoAhead permite comandos /HNAP1 RunReboot sin autenticación para desencadenar un reinicio. • https://xz.aliyun.com/t/2834#toc-5 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 68%CPEs: 2EXPL: 1CVE-2018-17787
https://notcve.org/view.php?id=CVE-2018-17787
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function. En dispositivos D-Link DIR-823G, la configuración GoAhead permite una inyección de comandos /HNAP1 mediante metacaracteres shell en los datos POST. Esto se debe a que los datos se envían directamente a la función de biblioteca "system". • https://xz.aliyun.com/t/2834 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2018-17786
https://notcve.org/view.php?id=CVE-2018-17786
On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote attackers to execute arbitrary code. En dispositivos D-Link DIR-823G, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh y upload_firmware.cgi no requieren autenticación, lo que permite que los atacantes remotos ejecuten código arbitrario. • https://xz.aliyun.com/t/2834 • CWE-287: Improper Authentication •