CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41610
https://notcve.org/view.php?id=CVE-2024-41610
30 Jul 2024 — D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contiene credenciales codificadas en el servicio Telnet, lo que permite a los atacantes iniciar sesión de forma remota en el servicio Telnet y realizar comandos arbitrarios. • https://github.com/Nop3z/CVE/blob/main/dlink/dir-820/Dlink-820LW-hardcoded-vulnerability.md • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 93%CPEs: 12EXPL: 1CVE-2021-45382 – D-Link Multiple Routers Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-45382
17 Feb 2022 — A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched. Se presenta una vulnerabilidad de Ejecución de Comandos Remota (RCE) en todas las revisiones H/W de la serie de r... • https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •