CVE-2025-4356
- EPSS 0.21%
- Published 06.05.2025 13:00:09
- Last modified 13.05.2025 20:24:15
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to s...
CVE-2025-4355
- EPSS 0.19%
- Published 06.05.2025 12:31:10
- Last modified 13.05.2025 20:24:22
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack...
CVE-2025-4354
- EPSS 0.19%
- Published 06.05.2025 12:31:05
- Last modified 13.05.2025 20:24:29
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched rem...
CVE-2024-36831
- EPSS 0.14%
- Published 17.12.2024 15:15:12
- Last modified 21.05.2025 15:21:54
A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication.
CVE-2020-15892
- EPSS 0.92%
- Published 22.07.2020 19:15:12
- Last modified 21.11.2024 05:06:23
An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi binary. On the login page, the web interface restr...