CVE-2023-27720
https://notcve.org/view.php?id=CVE-2023-27720
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/HolyTruth/DIR_878-1.30B08/blob/main/4.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVE-2022-48107
https://notcve.org/view.php?id=CVE-2022-48107
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20inject%20in%20IPAddress https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48108
https://notcve.org/view.php?id=CVE-2022-48108
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20inject%20in%20Netmask https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-43184
https://notcve.org/view.php?id=CVE-2022-43184
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi. Se ha detectado que D-Link DIR878 versión 1.30B08 Hotfix_04, contiene una vulnerabilidad de inyección de comandos por medio del componente /bin/proc.cgi • https://github.com/HuangPayoung/CVE-request/tree/main/DLink/vuln2 https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-1262
https://notcve.org/view.php?id=CVE-2022-1262
A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root. Una vulnerabilidad de inyección de comandos en el binario de protesta permite a un atacante con acceso a la interfaz de línea de comandos remota ejecutar comandos arbitrarios como root • https://www.tenable.com/security/research/tra-2022-09 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •