Dlink

Dap-1650 Firmware

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2024-40505

  • EPSS 0.24%
  • Published 16.07.2024 20:15:03
  • Last modified 29.05.2025 20:11:44

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.

9.8

CVE-2024-23624

  • EPSS 10.01%
  • Published 26.01.2024 00:15:10
  • Last modified 21.11.2024 08:58:01

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

9.8

CVE-2024-23625

  • EPSS 10.01%
  • Published 26.01.2024 00:15:10
  • Last modified 21.11.2024 08:58:02

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

9.8

CVE-2022-36588

  • EPSS 0.83%
  • Published 08.09.2022 00:15:10
  • Last modified 21.11.2024 07:13:22

In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.

9.8

CVE-2019-12768

  • EPSS 0.23%
  • Published 30.12.2020 20:15:14
  • Last modified 21.11.2024 04:23:32

An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.

9.8

CVE-2019-12767

  • EPSS 0.94%
  • Published 21.03.2020 01:15:11
  • Last modified 21.11.2024 04:23:32

An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.