CVE-2024-51023

D-Link DIR823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

The vulnerability of the SetNetworkTomographySettings module in the microprogramming software for D-Link DIR-822+ allows a hacker to execute arbitrary code.

The vulnerability of the SetNetworkTomographySettings module in the microprogramming software of D-Link DIR-822+ routers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVE-2024-34950

D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module...

The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-link DIR-823G routers allows a hacker to execute arbitrary commands.

The vulnerability of the SetNetworkTomographySettings function implementation in D-link DIR-823G router microprogramming software is related to insufficient cleaning of input data used in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...

CVE-2022-43109

D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet...

D-Link COVR 命令注入漏洞

D-Link COVR is a series of routers from China-based AUO D-Link. A security vulnerability exists in the D-Link COVR 1200, 1203 v1.08 versions, which originates from a command injection vulnerability contained via the tomographypingnumber parameter in the function SetNetworkTomographySettings...

The vulnerabilities of the DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 allow a hacker to execute arbitrary commands.

The vulnerability of the DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 routers is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary commands using a...

CVE-2021-46314

A Remote Command Execution RCE vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name...

CVE-2021-46314

A Remote Command Execution RCE vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name...

D-Link DIR-846 操作系统命令注入漏洞

A command execution vulnerability exists in the D-Link DIR-846, a wireless router from D-Link in Taiwan, China, which originates in the product HNAP1/control/SetNetworkTomographySettings.php file. The vulnerability is caused by the fact that the HNAP1/control/SetNetworkTomographySettings.php file...

The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-Link DIR-823-Pro wireless routers allows a hacker to execute arbitrary commands.

The vulnerability of the implementation of the SetNetworkTomographySettings function in the microprogrammed wireless router software from D-Link DIR-823-Pro relates to insufficient cleaning of input data during the processing of parameters tomographypingaddress, tomographypingnumber,...

CVE-2021-46452

D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via the tomographypingaddress, tomographypingnumber, tomographypingsize,...

CVE-2020-21935

A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code...

The vulnerability of the GetNetworkTomographyResult function in the microprogramming software of the D–Link DIR-823G router allows a hacker to execute arbitrary commands on the operating system.

The vulnerability of the GetNetworkTomographyResult function in the microprogramming software of the D–Link DIR-823G router is related to insufficient cleaning of input data used in commands. Exploiting this vulnerability can allow an attacker to execute arbitrary operating system commands by...

CVE-2019-7297

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system...

PT-2018-3894 · D Link · D-Link Dir-846

Name of the Vulnerable Software and Affected Versions: D-Link DIR-846 version 100.26 Description: The issue exists due to the lack of measures to neutralize special elements used in an operating system command. This can be exploited by a remote attacker to execute arbitrary code. The exploitation...