Dlink

Dir-880l Firmware

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-4341

  • EPSS 0.03%
  • Published 06.05.2025 08:31:05
  • Last modified 13.05.2025 20:25:22

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST...

7.5

CVE-2020-29322

Exploit
  • EPSS 0.73%
  • Published 04.06.2021 20:15:07
  • Last modified 21.11.2024 05:23:54

The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.

7.5

CVE-2019-20213

  • EPSS 0.84%
  • Published 02.01.2020 14:16:36
  • Last modified 21.11.2024 04:38:13

D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.

10

CVE-2019-17621

Warning Exploit
  • EPSS 93.19%
  • Published 30.12.2019 17:15:19
  • Last modified 03.04.2025 20:05:08

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when co...

9.8

CVE-2017-14948

Exploit
  • EPSS 4.78%
  • Published 14.10.2019 18:15:10
  • Last modified 21.11.2024 03:13:49

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request han...

8.8

CVE-2018-20674

  • EPSS 0.59%
  • Published 09.01.2019 00:29:00
  • Last modified 21.11.2024 04:01:58

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution.

9.8

CVE-2018-20675

  • EPSS 0.42%
  • Published 09.01.2019 00:29:00
  • Last modified 21.11.2024 04:01:58

D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.

10

CVE-2016-6563

Exploit
  • EPSS 87.97%
  • Published 13.07.2018 20:29:01
  • Last modified 21.11.2024 02:56:21

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following...

10

CVE-2018-6530

Warning Exploit
  • EPSS 93.89%
  • Published 06.03.2018 20:29:00
  • Last modified 03.04.2025 20:28:21

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 an...