CVE-2020-27862

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...

Logic Flaw Vulnerability in DVA-2800 Management Platform, DSL-2888A Management Platform

AUO Electronic Equipment Shanghai Co., Ltd. is a company that mainly deals with network equipment, wireless equipment, switches and other items. A logic flaw vulnerability exists in the DVA-2800 management platform and DSL-2888A management platform, which can be exploited by attackers to obtain...

CVE-2020-27863

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...

CVE-2020-27862

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...

CVE-2020-27863

CVE-2020-27863 affects D-Link DVA-2800 and DSL-2888A routers. The flaw is in the dhttpd service (listening on TCP port 8008 by default) where incorrect string-matching logic when accessing protected pages allows network-adjacent attackers to disclose stored credentials without authentication. The...

CVE-2020-27862

CVE-2020-27862 affects D-Link DVA-2800 and DSL-2888A routers. A flaw in the dhttpd service handling of the path parameter allows an unauthenticated, network-adjacent attacker to execute arbitrary code via a system call, with impact on the web server context. The issue is triggered by parsing the ...

D-Link DVA-2800 and DSL-2888A License Issue Vulnerability

The D-Link DVA-2800 and DSL-2888A is a wireless router from D-Link. It provides the ability to connect to a network. An authorization issue vulnerability exists in D-Link DVA-2800 and DSL-2888A firmware version 2.3, which can be exploited by an attacker to disclose stored credentials, leading to...

D-Link DVA-2800 and DSL-2888A 命令注入漏洞

The D-link DSL-2888A is a Unified Services Router from China AUO D-link. A command injection vulnerability exists in the D-Link DVA-2800 and DSL-2888A firmware, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the...