D-Link DIR-846W Command Execution Vulnerability

D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. The D-Link DIR-846W suffers from a command execution vulnerability that stems...

D-Link DAP-1325 SubnetMask Command Injection Vulnerability

D-Link DAP-1325 is a wireless access point/bridge made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network to wireless network or connect different wireless networks. The D-Link DAP-1325 suffers from a command injection vulnerability th...

D-Link DIR-2640 Authentication Bypass Vulnerability

The D-Link DIR-2640 is a high power Wi-Fi router manufactured by the Chinese company AUO D-Link, which is mainly used to provide wireless network connectivity. The D-Link DIR-2640 suffers from an authentication bypass vulnerability that stems from the HNAP PrivateLogin authentication bypass...

CVE-2023-51617

D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability...

CVE-2023-41211

D-Link DAP-1325 SetHostIPv6StaticSettings StaticPrefixLength Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to...

CVE-2023-41192

D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

CVE-2023-41194

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

The vulnerability of the sub_424320() function in D-Link DIR-823G router’s software allows a hacker to induce a service failure.

The vulnerability of the sub424320 function in D-Link DIR-823G router microprogramming software is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by sending a specially crafted HNAP1/SetIgnoreWizardConfig request...

D-Link DIR-822 安全漏洞

The D-Link DIR-822 is a wireless router from China's AUO D-Link. An access control error vulnerability exists in the D-Link DIR-822+ version V1.0.2, which stems from a login bypass issue in the HNAP1 interface that can be exploited by an attacker to log in to the administrator account using an...

PT-2023-8303 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The flaw exists within the prog.cgi binary, which...

PT-2023-8298 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

The vulnerability of the HNAP1 protocol implementation in the microprogramming-based router software of D–Link DIR-823G allows a attacker to execute arbitrary commands.

The vulnerability of the HNAP1 protocol implementation in the microprogramming-based router software of D–Link DIR-823G is related to insufficient checking of arguments transmitted in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by entering...

D-Link DIR-846 操作系统命令注入漏洞

A command execution vulnerability exists in the D-Link DIR-846, a wireless router from D-Link in Taiwan, China, which originates in the product HNAP1/control/SetNetworkTomographySettings.php file. The vulnerability is caused by the fact that the HNAP1/control/SetNetworkTomographySettings.php file...

D-Link DIR-818LW Command Injection Vulnerability (CNVD-2019-17124)

The D-Link DIR-818LW is a wireless router from AUO D-Link of Taiwan, China. A command injection vulnerability exists in HNAP1 SetWanSettings in the D-Link DIR-818LW versions 2.05.B03 through 2.06B01 BETA. The vulnerability stems from a network system or product not properly filtering specific...

D-Link DIR-645 has multiple vulnerabilities

The D-Link DIR-645 is a wireless router device. The D-Link DIR-645 is vulnerable to a command injection and buffer overflow vulnerability, which allows malicious applications to perform buffer overflow attacks to execute arbitrary commands, in addition to injecting arbitrary commands via the HNAP...

Multiple Routers HNAP Insecure Implementation Privilege Escalation

Multiple routers are vulnerable to insecure implementations of the Home Network Administration Protocol HNAP. This vulnerability could allow unauthenticated users to view and configure administrative settings on the router...

OS Identification : HNAP

The remote operating system can be identified through information collected via HNAP Home Network Administration Protocol. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid53471; scriptversion"1.12"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"OS Identification...

Multiple D-Link Routers Authentication Bypass Vulnerability

Exploit for unknown platform in category web applications =========================================================== Multiple D-Link Routers Authentication Bypass Vulnerability =========================================================== Multiple D-­Link routers suffer from insecure...