16 matches found
CVE-2025-15245
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...
CVE-2025-15245 D-Link DCS-850L Firmware Update Service uploadfirmware path traversal
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...
EUVD-2025-205771
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...
CVE-2025-15245
CVE-2025-15245 concerns D-Link DCS-850L firmware, version 1.02.09, in the Firmware Update Service’s uploadfirmware function. The issue is a path traversal caused by manipulating the DownloadFile argument. Exploitation requires local-network access, and public exploit code exists. The vulnerabilit...
CVE-2025-15245 D-Link DCS-850L Firmware Update Service uploadfirmware path traversal
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...
PT-2025-53922
Name of the Vulnerable Software and Affected Versions D-Link DCS-850L version 1.02.09 Description A flaw exists within the Firmware Update Service component, specifically in the uploadfirmware function. The issue stems from manipulating the DownloadFile argument, leading to a path traversal...
CVE-2025-14884
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This...
CVE-2025-14884
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This...
CVE-2025-14884 D-Link DIR-605 Firmware Update Service command injection
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This...
CVE-2025-14884
The CVE-2025-14884 entry concerns a remote command-injection vulnerability in the Firmware Update Service of D-Link DIR-605 (version 202WWB03). The issue stems from a flaw in the firmware update component, allowing an attacker to inject commands over the network. The exploit is public, and affect...
CVE-2025-14884 D-Link DIR-605 Firmware Update Service command injection
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This...
PT-2025-52269
Name of the Vulnerable Software and Affected Versions D-Link DIR-605 version 202WWB03 Description A flaw exists in the Firmware Update Service component of the device, allowing for command injection. This issue can be exploited remotely. The exploit is publicly available. This vulnerability affec...
D-Link DIR-605 命令注入漏洞
The D-Link DIR-605 is a wireless router from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DIR-605 version 202WWB03, which stems from a command injection in the firmware update service component...
RLSA-2023:7189 Moderate: fwupd security update
The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Samsung Tizen 输入验证错误漏洞
Samsung Tizen is an open source Linux kernel-based mobile operating system from South Korea's Samsung, available for devices including smartphones, tablets, smartwatches, netbooks, in-vehicle messaging and entertainment devices, and smart TVs. The input validation error vulnerability exists in...
SAMSUNG Tizen 安全漏洞
Samsung Tizen is an open-source Linux-based mobile operating system from Samsung, South Korea, for smartphones, tablets, smartwatches, netbooks, in-vehicle messaging and entertainment devices, and smart TVs. The code injection vulnerability in Samsung Tizen stems from an access control error...