Dlink

Dir-645 Firmware

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-10689

Exploit
  • EPSS 0.1%
  • Veröffentlicht 18.09.2025 20:32:06
  • Zuletzt bearbeitet 03.10.2025 17:26:40

A vulnerability was identified in D-Link DIR-645 105B01. This issue affects the function soapcgi_main of the file /soap.cgi. Such manipulation of the argument service leads to command injection. The attack can be launched remotely. The exploit is pub...

9.8

CVE-2018-25115

Exploit
  • EPSS 0.52%
  • Veröffentlicht 27.08.2025 21:24:23
  • Zuletzt bearbeitet 24.09.2025 18:03:34

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system comman...

8.8

CVE-2025-7192

Exploit
  • EPSS 0.1%
  • Veröffentlicht 08.07.2025 19:32:06
  • Zuletzt bearbeitet 14.07.2025 15:15:31

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be ini...

9.8

CVE-2023-36089

  • EPSS 0.38%
  • Veröffentlicht 31.07.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 08:09:16

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the ma...

9.8

CVE-2022-46475

Exploit
  • EPSS 28.62%
  • Veröffentlicht 17.01.2023 21:15:14
  • Zuletzt bearbeitet 03.04.2025 19:15:37

D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.

9.8

CVE-2022-32092

Exploit
  • EPSS 22.47%
  • Veröffentlicht 27.06.2022 22:15:09
  • Zuletzt bearbeitet 21.11.2024 07:05:46

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.

9.8

CVE-2021-43722

Exploit
  • EPSS 1.36%
  • Veröffentlicht 31.03.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:29:40

D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size.

6.1

CVE-2020-25786

Exploit
  • EPSS 0.68%
  • Veröffentlicht 19.09.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:18:46

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploi...

9.8

CVE-2013-7471

Exploit
  • EPSS 29.65%
  • Veröffentlicht 11.06.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:01:05

An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalCli...

10

CVE-2015-2052

Exploit
  • EPSS 11.65%
  • Veröffentlicht 23.02.2015 17:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.