CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3CVE-2021-46379 – DLINK DIR850 - Open Redirect
https://notcve.org/view.php?id=CVE-2021-46379
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. DLink DIR850 versión ET850-1.08TRb03, está afectado por una vulnerabilidad de control de acceso incorrecto mediante un redireccionamiento de la URL a un sitio no confiable DLINK DIR850 suffers from an open redirection vulnerability. • https://www.exploit-db.com/exploits/50907 http://packetstormsecurity.com/files/167041/DLINK-DIR850-Open-Redirection.html https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view?usp=sharing https://www.dlink.com/en/security-bulletin • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2021-46378 – DLINK DIR850 - Insecure Access Control
https://notcve.org/view.php?id=CVE-2021-46378
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download. DLink DIR850 versión ET850-1.08TRb03 está afectado por una vulnerabilidad de control de acceso incorrecto mediante una descarga de configuración remota no autenticada DLINK DIR850 suffers from a configuration disclosure vulnerability. • https://www.exploit-db.com/exploits/50906 http://packetstormsecurity.com/files/167042/DLINK-DIR850-Insecure-Direct-Object-Reference.html https://drive.google.com/file/d/1S69wOovVa8NRVUXcB0PkVvZHFxREcD4Y/view?usp=sharing https://www.dlink.com/en/security-bulletin • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-20674
https://notcve.org/view.php?id=CVE-2018-20674
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution. Los dispositivos D-Link que utilizan determinadas versiones (las DIR-822 C1 anteriores a la v3.11B01Beta, las DIR-822-US C1 anteriores a la v3.11B01Beta, las DIR-850L A* anteriores a la v1.21B08Beta, las DIR-850L B* anteriores a la v2.22B03Beta y las DIR-880L A* anteriores a la v1.20B02Beta) permiten la ejecución de comando remotos. • https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101 •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-20675
https://notcve.org/view.php?id=CVE-2018-20675
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass. Los dispositivos D-Link que utilizan determinadas versiones (las DIR-822 C1 anteriores a la v3.11B01Beta, las DIR-822-US C1 anteriores a la v3.11B01Beta, las DIR-850L A* anteriores a la v1.21B08Beta, las DIR-850L B* anteriores a la v2.22B03Beta y las DIR-880L A* anteriores a la v1.20B02Beta) permiten la omisión de autenticación. • https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10101 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 92%CPEs: 3EXPL: 1CVE-2018-9032 – D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-9032
An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /category_view.php or /folder_view.php. Una vulnerabilidad de omisión de autenticación en dispositivos D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version: A1, B1; Firmware Version: 1.02-2.06) podría permitir que los atacantes omitan el portal de acceso web SharePort visitando directamente /category_view.php o /folder_view.php. • https://www.exploit-db.com/exploits/44378 https://www.youtube.com/watch?v=Wmm4p8znS3s • CWE-287: Improper Authentication •