CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36089
https://notcve.org/view.php?id=CVE-2023-36089
Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. • https://www.dlink.com/en/security-bulletin https://www.dlink.com/en/support • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-32092
https://notcve.org/view.php?id=CVE-2022-32092
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. Se ha detectado que D-Link DIR-645 versión v1.03, contiene una vulnerabilidad de inyección de comandos por medio del parámetro QUERY_STRING en el archivo __ajax_explorer.sgi • https://github.com/fxc233/iot-vul/tree/main/D-Link/DIR-645 https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-43722
https://notcve.org/view.php?id=CVE-2021-43722
D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size. D-Link DIR-645 versión 1.03 A1, es vulnerable a un desbordamiento de búfer. La función hnap_main en el manejador cgibin usa sprintf para formatear el encabezado soapaction en la pila y no presenta límite en el tamaño • https://github.com/luqiut/iot/blob/main/DIR-645%20Stack%20overflow.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 6%CPEs: 10EXPL: 2CVE-2013-7471
https://notcve.org/view.php?id=CVE-2013-7471
An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request. Se descubrió un problema en soap.cgi? • http://www.s3cur1ty.de/m1adv2013-020 https://www.exploit-db.com/exploits/27044 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 7%CPEs: 2EXPL: 1CVE-2015-2052
https://notcve.org/view.php?id=CVE-2015-2052
Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface. Desbordamiento de buffer basado en pila en el router DIR-645 Wired/Wireless Rev. Ax con firmware 1.04b12 y anteriores permite a atacantes remotos ejecutar código arbitrario a través de una cadena larga en una acción GetDeviceSettings en la interfaz HNAP. • http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051 http://www.securityfocus.com/bid/72623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •