Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-18409

Malware in sbrugna...

9CVSS8.6AI score0.01236EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.9 views

CVE-2020-25759

An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests...

9CVSS7.4AI score0.02275EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:8 p.m.9 views

CVE-2020-18568

The D-Link DSR-250 3.14 DSR-1000N 2.11B201 UPnP service contains a command injection vulnerability, which can cause remote command execution...

9.8CVSS7.5AI score0.14552EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.8 views

CVE-2020-25758

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...

9CVSS6.8AI score0.01236EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/05/08 12:35 a.m.501 views

Exploit for Classic Buffer Overflow in Dlink Dsr-150_Firmware

CVE-2024-57376 Pre-auth remote code execution exploit for D-L...

8.8CVSS7.9AI score0.03626EPSS
Exploits1
CNVD
CNVD
added 2021/02/07 12:0 a.m.8 views

D-link DSR-250 UPnP service command injection vulnerability

The D-link DSR-250 is a Unified Services Router. An input validation vulnerability exists in the D-link DSR-250 UPnP service, which allows remote attackers to exploit the vulnerability to submit a special request that can be used in the service context to execute arbitrary commands...

9.8CVSS7.5AI score0.14552EPSS
Exploits1References1
OSV
OSV
added 2021/02/02 2:15 p.m.5 views

CVE-2020-18568

The D-Link DSR-250 3.14 DSR-1000N 2.11B201 UPnP service contains a command injection vulnerability, which can cause remote command execution...

9.8CVSS5.8AI score0.14552EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/02/02 12:0 a.m.12 views

D-link DSR-250 命令注入漏洞

The D-link DSR-250 is a Unified Services Router. An input validation vulnerability exists in the D-link DSR-250 UPnP service, which allows remote attackers to exploit the vulnerability to submit a special request that can be used in the service context to execute arbitrary commands...

9.8CVSS7.6AI score0.14552EPSS
Exploits1References3
CNVD
CNVD
added 2020/12/16 12:0 a.m.2 views

D-Link DSR-250 Command Injection Vulnerability

The D-Link DSR-250 is an 8-port Gigabit VPN router with dynamic Web content filtering. A command injection vulnerability exists in the Unified Services Router web interface of the D-Link DSR-250 3.17. The vulnerability stems from a lack of authentication of input provided in a multipart HTTP POST...

9CVSS8.2AI score0.02275EPSS
Exploits0References1
NVD
NVD
added 2020/12/15 8:15 p.m.35 views

CVE-2020-25759

An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests...

9CVSS8.8AI score0.02275EPSS
Exploits0References3
OSV
OSV
added 2020/12/15 8:15 p.m.5 views

CVE-2020-25759

An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests...

8.8CVSS7.6AI score0.02275EPSS
Exploits0References3
OSV
OSV
added 2020/12/15 8:15 p.m.5 views

CVE-2020-25758

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...

8.8CVSS5.9AI score0.01236EPSS
Exploits0References3
Prion
Prion
added 2020/12/15 8:15 p.m.30 views

Input validation

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...

9CVSS8.5AI score0.01236EPSS
Exploits0References3Affected Software9
Cvelist
Cvelist
added 2020/12/15 7:27 p.m.29 views

CVE-2020-25758

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...

8.6AI score0.01236EPSS
Exploits0References3
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.8 views

Multiple D-Link Router Products Input Validation Error Vulnerability

The D-link DSR-250, among others, is a Unified Services router from China-based AUO D-link. An input validation error vulnerability exists in D-Link DSR VPN routers with firmware 3.14 and 3.17, which stems from a lack of input validation and access control, and could lead to arbitrary input being...

8.8CVSS7.4AI score0.02044EPSS
Exploits0References4
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.6 views

D-link DSR-250 输入验证错误漏洞

The D-Link DSR-250 is an 8-port Gigabit VPN router with dynamic Web content filtering. A command injection vulnerability exists in the Unified Services Router web interface of the D-Link DSR-250 3.17. The vulnerability stems from a lack of authentication of input provided in a multipart HTTP POST...

9CVSS7.6AI score0.02275EPSS
Exploits0References4
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.6 views

D-Link 安全漏洞

The D-Link DSR-250 is an 8-port Gigabit VPN router with dynamic Web content filtering. A command injection vulnerability exists in the D-Link DSR-250 3.17. The vulnerability stems from insufficient validation of configuration file checksums. An attacker can use this vulnerability to inject...

9CVSS7.5AI score0.01236EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of the microprogrammed software of the D–Link DSR–250 router allows a malicious individual to intercept network traffic.

The microprogrammed software of the D-Link DSR-250 router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting the traffic processed by this router through ARP spoofing attacks...

10CVSS5.5AI score0.14703EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder