CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-44808
https://notcve.org/view.php?id=CVE-2023-44808
16 Oct 2023 — D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. D-Link DIR-820L 1.05B03 tiene una vulnerabilidad de desbordamiento de pila en la función sub_4507CC. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug3.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-44809
https://notcve.org/view.php?id=CVE-2023-44809
16 Oct 2023 — D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. El dispositivo D-Link DIR-820L 1.05B03 es vulnerable a permisos inseguros. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug1.md • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-44807
https://notcve.org/view.php?id=CVE-2023-44807
06 Oct 2023 — D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. D-Link DIR-820L 1.05B03 tiene una vulnerabilidad de desbordamiento de pila en la función de cancelPing. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug2.md • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25282
https://notcve.org/view.php?id=CVE-2023-25282
15 Mar 2023 — A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/Permanent%20DDOS%20vulnerability%20in%20emailInfo • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 72%CPEs: 2EXPL: 1CVE-2023-25279
https://notcve.org/view.php?id=CVE-2023-25279
13 Mar 2023 — OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20Inject%20In%20tools_AccountName • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25283
https://notcve.org/view.php?id=CVE-2023-25283
13 Mar 2023 — A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/stackoverflow%20%20in%20reserveDHCP_HostName_1.1.1.0 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 90%CPEs: 2EXPL: 2CVE-2022-26258 – D-Link DIR-820L Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26258
27 Mar 2022 — D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. Se ha detectado que D-Link DIR-820L versión 1.05B03, contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro Device Name en el archivo /lan.asp D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution. • http://dir-820l.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 93%CPEs: 12EXPL: 1CVE-2021-45382 – D-Link Multiple Routers Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-45382
17 Feb 2022 — A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched. Se presenta una vulnerabilidad de Ejecución de Comandos Remota (RCE) en todas las revisiones H/W de la serie de r... • https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 78%CPEs: 36EXPL: 4CVE-2015-1187 – D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1187
02 Mar 2015 — The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. La herramienta de ping en múltiples dispositivos D-Link y TRENDnet permite que los atacantes remotos ejecuten código arbitrario mediante el parámetro ping_addr a ping.ccp. D-Link DIR636L suffers from a remote command injection vulnerability. The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution. • https://packetstorm.news/files/id/131465 • CWE-287: Improper Authentication •