Lucene search
K

311 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40045

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS7AI score0.02706EPSS
Exploits1References6
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-13545 D-Link DCS-935L POST Parameter setconf.cgi sub_400E40 os command injection

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS0.02706EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.10 views

CVE-2026-11555

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

7.5CVSS4.9AI score0.00405EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 5:45 p.m.10 views

CVE-2026-11555

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

6.3CVSS5AI score0.00405EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/08 5:45 p.m.11 views

EUVD-2026-35178

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

6.3CVSS5AI score0.00405EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.8 views

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

8.6CVSS7.9AI score0.0408EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/05 4:30 p.m.6 views

CVE-2026-11339 D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03133EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/01 12:15 a.m.11 views

EUVD-2026-33528

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

9CVSS7.7AI score0.005EPSS
Exploits0References6
NVD
NVD
added 2026/05/11 11:20 p.m.34 views

CVE-2026-8345

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this issue is the function sub445E7C of the file /goform/singlePortForward. Such manipulation of the argument ipaddress leads to command injection. It is possible to launch the attack remotely. The...

8.8CVSS0.03156EPSS
Exploits1References5
CVE
CVE
added 2026/05/11 4:15 a.m.21 views

CVE-2026-8272

CVE-2026-8272 affects D-Link DNS-320 firmware 2.06B01 and targets the webfile_mgr.cgi component. The vulnerability arises from manipulation of file operations (delete/rename/copy/move/chmod/chown), enabling OS command injection via remote input. Publicly released exploit details exist, and exploi...

7.2CVSS5.6AI score0.05587EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.9 views

CVE-2026-7854

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

10CVSS7.6AI score0.0586EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/05 9:31 p.m.9 views

EUVD-2026-27432

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS7.8AI score0.01057EPSS
Exploits1References6
NVD
NVD
added 2026/05/05 6:16 p.m.10 views

CVE-2026-7853

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

10CVSS0.01515EPSS
Exploits1References5
NVD
NVD
added 2026/05/05 6:16 p.m.11 views

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

8.6CVSS0.0408EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/05 5:30 p.m.5 views

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

8.6CVSS7.7AI score0.0408EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:3 p.m.5 views

CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS5.8AI score0.00461EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/04 4:3 p.m.6 views

CVE-2026-42376 D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS5.8AI score0.00461EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/04 4:0 p.m.8 views

CVE-2026-42374 D-Link DIR-600L B1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS5.8AI score0.00472EPSS
Exploits1References1
NVD
NVD
added 2026/04/28 9:16 a.m.6 views

CVE-2026-7247

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function fileextenasp of the file fileexten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The...

8.6CVSS0.00717EPSS
Exploits1References5
NVD
NVD
added 2026/04/28 9:16 a.m.10 views

CVE-2026-7248

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfilehtm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

10CVSS0.02154EPSS
Exploits1References5
Rows per page
Query Builder