CVE-2023-45208
- EPSS 1.61%
- Published 10.10.2023 05:15:09
- Last modified 21.11.2024 08:26:33
A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repe...
CVE-2020-27864
- EPSS 15.59%
- Published 12.02.2021 00:15:12
- Last modified 21.11.2024 05:21:57
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2020-27865
- EPSS 23.5%
- Published 12.02.2021 00:15:12
- Last modified 21.11.2024 05:21:57
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exist...
- EPSS 1.74%
- Published 23.07.2020 21:15:11
- Last modified 21.11.2024 05:05:54
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication ...
CVE-2019-19597
- EPSS 8.43%
- Published 05.12.2019 04:15:11
- Last modified 21.11.2024 04:35:01
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
CVE-2019-19598
- EPSS 0.37%
- Published 05.12.2019 04:15:11
- Last modified 21.11.2024 04:35:01
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the ...