3 matches found
D-Link DIR816L Command Injection (CVE-2022-28915; CVE-2022-28958; CVE-2022-37123; CVE-2022-37125; CVE-2022-37129)
A command injection vulnerability exists in D-Link DIR816L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-28915
creationtimestamp| type| source ---|---|--- 2022-05-10 18:34:31+00:00| seen| https://t.me/cibsecurity/42258...
CVE-2022-28915
CVE-2022-28915 affects D-Link DIR-816 A2 (firmware v1.10CNB04). The vulnerability is a command-injection in the /goform/setSysAdm API, exploitable via the admuser and admpass parameters, enabling arbitrary command execution. Several connected sources corroborate theffected device and vector; some...