49 matches found
CVE-2023-4542
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...
EUVD-2024-44297
Malicious code in bioql PyPI...
EUVD-2023-57489
Malicious code in bioql PyPI...
EUVD-2023-57491
Malicious code in bioql PyPI...
CVE-2023-5153
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2023-5151
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical was found in D-Link DAR-8000 up to 20151231. Affected by this vulnerability is an unknown functionality of the file /autheditpwd.php. The manipulation of the argument hidid leads to sql injection. The attack can be launched remotely...
The vulnerability in the script interface/sysmanage/licenseauthorization.php of the D-Link DAR-7000 and DAR-8000 router microsystems allows a hacker to execute arbitrary code.
The vulnerability in the interface/sysmanage/licenseauthorization.php script of the D-Link DAR-7000 and DAR-8000 router microsystems lies in the ability to download files of a malicious nature without limitation. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
PT-2024-3696 · D Link · D-Link Dar-7000-40 +2
Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000-40 version V31R02B1413C D-Link DAR-7000 affected versions not specified D-Link DAR-8000 affected versions not specified Description: A critical issue affects an unknown part of the file /url/url.php, allowing for unrestricted...
CVE-2024-4699
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
CVE-2024-4699
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
D-Link DAR-8000 代码问题漏洞
DAR-8000-10 is the Internet Behavior Audit Gateway from China AUO D-Link. AUO DAR-8000-10 20230922 and earlier versions have a deserialization vulnerability that originates from the unsafe deserialization of the parameter sql of the file /importhtml.php when receiving serialized data submitted by...
CVE-2024-4699
Summary (CVE-2024-4699): D-Link DAR-8000-10 (up to 20230922) is affected by a deserialization vulnerability in the /importhtml.php endpoint. The issue arises from manipulating the sql parameter, enabling remote code execution through unsafe deserialization. This vulnerability is documented across...
The vulnerability in the importexport.php script of the D-Link DAR-8000 router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the importexport.php script in the D-Link DAR-8000 router microprogramming system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router microprogramming system, allowing a hacker to execute arbitrary commands.
The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router microprogramming system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming system is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability in the script /Tool/querysql.php of the D-Link DAR-8000 router software, which allows a hacker to execute arbitrary commands.
The vulnerability in the D-Link DAR-8000 router’s microprogramming software, implemented in the /Tool/querysql.php script, relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
CVE-2023-5154
UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical. This vulnerability affects unknown code of the file /sysmanage/changelogo.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be initiat...
CVE-2023-5154
UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical. This vulnerability affects unknown code of the file /sysmanage/changelogo.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be initiat...
CVE-2023-5153
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
Sql injection
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...