CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

RedhatCVE•added 2025/11/24 6:34 p.m.•18 views

CVE-2025-13562

A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerabili...

9.8CVSS7.2AI score0.05612EPSS

Exploits1References1

EUVD•added 2025/11/23 6:30 p.m.•5 views

EUVD-2025-198579

7.5CVSS6.7AI score0.05612EPSS

Exploits1References6

OSV•added 2025/11/23 6:15 p.m.•5 views

CVE-2025-13562

9.8CVSS5.7AI score0.05612EPSS

Exploits1References5

Cvelist•added 2025/11/23 6:2 p.m.•12 views

CVE-2025-13562 D-Link DIR-852 gena.cgi command injection

7.5CVSS0.05612EPSS

Exploits1References5

Vulnrichment•added 2025/11/23 6:2 p.m.•2 views

CVE-2025-13562 D-Link DIR-852 gena.cgi command injection

7.5CVSS6.8AI score0.05612EPSS

Exploits1References5

Positive Technologies•added 2025/11/23 12:0 a.m.•6 views

PT-2025-47856

Name of the Vulnerable Software and Affected Versions D-Link DIR-852 version 1.00 Description A flaw exists in the processing of the /gena.cgi file on the device. Manipulating the service argument can lead to command injection, allowing for remote execution of commands. The exploit is publicly...

9.8CVSS7.5AI score0.05612EPSS

Exploits1References11

CNNVD•added 2025/11/23 12:0 a.m.•3 views

D-Link DIR-852 命令注入漏洞

D-Link DIR-852 is a router from China AUO D-Link. A command injection vulnerability exists in the D-Link DIR-852 version 1.00, which stems from the misuse of the parameter service in the file /gena.cgi, and could lead to a command injection attack...

9.8CVSS7.7AI score0.05612EPSS

Exploits1References6

CNVD•added 2025/10/21 12:0 a.m.•2 views

D-Link DIR-852 HNAP1 File Command Injection Vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that stems from the failure of file /HNAP1/ to properly filter...

7.5CVSS7.8AI score0.01673EPSS

Exploits0References1

Vulnrichment•added 2025/10/08 6:2 p.m.•3 views

CVE-2025-11488 D-Link DIR-852 HNAP1 command injection

A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerabilit...

7.5CVSS7.3AI score0.01673EPSS

Exploits0References5

Positive Technologies•added 2025/10/08 12:0 a.m.•5 views

PT-2025-41296

Name of the Vulnerable Software and Affected Versions D-Link DIR-852 versions prior to 20251003 Description A flaw exists in D-Link DIR-852. This issue affects an unspecified component of the /HNAP1/ file. Successful manipulation can result in command injection. The attack can be initiated...

7.5CVSS7.1AI score0.01673EPSS

Exploits0References10

CNNVD•added 2025/10/08 12:0 a.m.•3 views

D-Link DIR-852 命令注入漏洞

7.5CVSS7.8AI score0.01673EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•15 views

EUVD-2025-27121

Malicious code in bioql PyPI...

7.5CVSS5.6AI score0.00933EPSS

Exploits1References5

CNVD•added 2025/09/23 12:0 a.m.•2 views

D-Link DIR-852 cgibin file command injection vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that originates from the parameter ST of the component Simple Servi...

8.8CVSS7.8AI score0.05363EPSS

Exploits1References1

CNVD•added 2025/09/23 12:0 a.m.•4 views

D-Link DIR-852 hedwig.cgi File Command Injection Vulnerability

8.8CVSS7.8AI score0.08849EPSS

Exploits1References1

RedhatCVE•added 2025/09/20 1:57 a.m.•8 views

CVE-2025-10629

A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgimain of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. The attack may be performed from...

8.8CVSS6.4AI score0.05363EPSS

Exploits1References1

OSV•added 2025/09/18 1:15 a.m.•1 views

CVE-2025-10628

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

8.8CVSS5.6AI score0.08849EPSS

Exploits1References5

Vulnrichment•added 2025/09/18 12:32 a.m.•3 views

CVE-2025-10629 D-Link DIR-852 Simple Service Discovery Protocol Service cgibin ssdpcgi_main command injection

6.5CVSS6.4AI score0.05363EPSS

Exploits1References5

Cvelist•added 2025/09/18 12:32 a.m.•8 views

CVE-2025-10629 D-Link DIR-852 Simple Service Discovery Protocol Service cgibin ssdpcgi_main command injection

6.5CVSS0.05363EPSS

Exploits1References5

CVE•added 2025/09/18 12:32 a.m.•19 views

CVE-2025-10629

The CVE-2025-10629 affects D-Link DIR-852 (firmware 1.00CN B09) in the Simple Service Discovery Protocol Service, specifically the ssdpcgi_main function in htodcs/cgibin. The vulnerability arises from insufficient input filtering of the ST argument, enabling command injection and potential remote...

8.8CVSS6.4AI score0.05363EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/09/18 12:2 a.m.•3 views

CVE-2025-10628 D-Link DIR-852 Web Management hedwig.cgi command injection

6.5CVSS6.4AI score0.08849EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by