CVE-2024-33110
- EPSS 0.13%
- Published 06.05.2024 15:15:23
- Last modified 21.05.2025 13:02:24
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component.
CVE-2024-33111
- EPSS 1.01%
- Published 06.05.2024 15:15:23
- Last modified 21.05.2025 13:02:32
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php.
CVE-2024-33112
- EPSS 1.73%
- Published 06.05.2024 15:15:23
- Last modified 21.05.2025 13:02:30
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func.
CVE-2024-33113
- EPSS 53.02%
- Published 06.05.2024 15:15:23
- Last modified 21.05.2025 13:02:27
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.
CVE-2024-29366
- EPSS 0.28%
- Published 22.03.2024 17:15:08
- Last modified 17.06.2025 14:16:46
A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03.
- EPSS 4.03%
- Published 22.03.2024 17:15:08
- Last modified 17.06.2025 14:09:38
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function.
CVE-2022-36756
- EPSS 18.12%
- Published 28.08.2022 16:15:09
- Last modified 21.11.2024 07:13:39
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
CVE-2022-38557
- EPSS 0.68%
- Published 28.08.2022 16:15:09
- Last modified 21.11.2024 07:16:39
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
CVE-2022-36755
- EPSS 0.52%
- Published 28.08.2022 16:15:08
- Last modified 21.11.2024 07:13:38
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.