Dlink

Dir-878 Firmware

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-60676

Medienbericht Exploit
  • EPSS 0.35%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 17:58:34

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are dire...

6.8

CVE-2025-60674

Medienbericht Exploit
  • EPSS 0.03%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 19:04:24

A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The vulnerability occurs when the "Serial Number" field from a USB device is read via sscanf into a 64-b...

6.5

CVE-2025-60673

Medienbericht Exploit
  • EPSS 0.35%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 19:03:53

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later u...

6.5

CVE-2025-60672

Medienbericht Exploit
  • EPSS 0.35%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 19:04:14

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are...

7.5

CVE-2025-0481

  • EPSS 0.11%
  • Veröffentlicht 15.01.2025 19:15:26
  • Zuletzt bearbeitet 16.07.2025 14:56:08

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to la...

8

CVE-2024-48634

  • EPSS 0.17%
  • Veröffentlicht 17.10.2024 18:15:08
  • Zuletzt bearbeitet 07.05.2025 16:06:45

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the key parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to execute arbitrary OS commands via a c...

8

CVE-2024-48629

  • EPSS 0.78%
  • Veröffentlicht 17.10.2024 18:15:08
  • Zuletzt bearbeitet 07.05.2025 16:07:03

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS comm...

8

CVE-2024-48630

  • EPSS 0.24%
  • Veröffentlicht 17.10.2024 18:15:08
  • Zuletzt bearbeitet 07.05.2025 16:07:00

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the MacAddress parameter in the SetMACFilters2 function. This vulnerability allows attackers to execute arbitrary OS commands via a ...

8

CVE-2024-48631

  • EPSS 0.61%
  • Veröffentlicht 17.10.2024 18:15:08
  • Zuletzt bearbeitet 07.05.2025 16:06:51

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a ...

8

CVE-2024-48632

  • EPSS 0.19%
  • Veröffentlicht 17.10.2024 18:15:08
  • Zuletzt bearbeitet 07.05.2025 16:06:54

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command injection vulnerabilities via the LocalIPAddress, TCPPorts, and UDPPorts parameters in the SetPortForwardingSettings function. This vulnerability allows ...