Dlink

Dir-822 Firmware

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-33343

Exploit
  • EPSS 7.87%
  • Published 26.04.2024 18:15:46
  • Last modified 21.05.2025 12:51:23

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

9.3

CVE-2024-25331

  • EPSS 2.53%
  • Published 12.03.2024 06:15:07
  • Last modified 21.11.2024 09:00:39

DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow.

5.3

CVE-2024-0717

Exploit
  • EPSS 28.39%
  • Published 19.01.2024 16:15:11
  • Last modified 21.11.2024 08:47:12

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, D...

9.8

CVE-2023-51984

Exploit
  • EPSS 14.08%
  • Published 11.01.2024 16:15:53
  • Last modified 16.06.2025 19:15:29

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell.

9.8

CVE-2023-51987

Exploit
  • EPSS 0.37%
  • Published 11.01.2024 16:15:53
  • Last modified 21.11.2024 08:39:01

D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.

9.8

CVE-2023-51989

  • EPSS 0.23%
  • Published 11.01.2024 16:15:53
  • Last modified 06.05.2025 21:15:54

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-51987. Reason: This candidate is a reservation duplicate of CVE-2025-51987. Notes: All CVE users should reference CVE-2025-51987 instead of this candidate. All references and des...

7.5

CVE-2019-20213

  • EPSS 0.84%
  • Published 02.01.2020 14:16:36
  • Last modified 21.11.2024 04:38:13

D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.

10

CVE-2019-17621

Warning Exploit
  • EPSS 93.19%
  • Published 30.12.2019 17:15:19
  • Last modified 03.04.2025 20:05:08

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when co...

10

CVE-2018-19987

Exploit
  • EPSS 81.83%
  • Published 13.05.2019 14:29:01
  • Last modified 21.11.2024 03:58:56

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccess...

10

CVE-2018-19989

Exploit
  • EPSS 32.75%
  • Published 13.05.2019 14:29:01
  • Last modified 21.11.2024 03:58:57

In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/...