19628 matches found
CVE-2024-44340
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via keys smartqosexpressdevices and smartqosnormaldevices in SetSmartQoSSettings...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
PT-2024-5933 · D Link · D-Link Dir-846
Name of the Vulnerable Software and Affected Versions: D-Link DIR-846W A1 FW100A43 Description: The issue is a remote command execution vulnerability that can be exploited via a crafted POST request. It is related to the wl0.0 ssid parameter. This vulnerability allows a remote attacker to execute...
PT-2024-5843 · D Link · D-Link Dir-846
Name of the Vulnerable Software and Affected Versions: D-Link DIR-846W A1 FW100A43 Description: A remote command execution vulnerability was discovered in the D-Link DIR-846W A1 FW100A43, related to the SetSmartQoSSettings function. This issue allows a remote attacker to execute arbitrary code by...
CVE-2024-41622
The CVE-2024-41622 entry affects the D-Link DIR-846W A1 FW100A43, with a remote command execution (RCE) vulnerability exposed via the tomography_ping_address parameter in the /HNAP1/ interface. The root cause is the ability to execute arbitrary commands remotely, enabling a network-adjacent attac...
D-Link DIR-846W 安全漏洞
D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. A command execution vulnerability exists in the D-Link DIR-846W. The...
CVE-2024-44342
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-41622
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in /HNAP1/ interface...
CVE-2024-44342
CVE-2024-44342 affects D-Link DIR-846W A1 FW100A43 and is a remote command execution vulnerability exploitable via the wl(0).(0)_ssid parameter using a crafted POST request. The issue is documented across multiple feeds; several sources identify this as a high/critical risk with CVSS-derived impa...
CVE-2024-41622
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in /HNAP1/ interface...
CVE-2024-44340
The CVE-2024-44340 entry concerns the D-Link DIR-846W A1 FW100A43 router (SetSmartQoSSettings) with a remote command execution (RCE) vulnerability exploitable via the smartqos_express_devices and smartqos_normal_devices parameters. The issue is described across multiple sources (NVD/Red Hat/CNVD/...
PT-2024-5964 · D Link · D-Link Dir-846
Name of the Vulnerable Software and Affected Versions: D-Link DIR-846W A1 FW100A43 Description: The issue is related to a remote command execution vulnerability via the tomography ping address parameter in the /HNAP1/ interface. This vulnerability may allow a remote attacker to execute arbitrary...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 is affected by CVE-2024-44341: a remote command execution (RCE) vulnerability through the lan(0)_dhcps_staticlist parameter, exploitable via a crafted POST request over the network. The Red Hat/CVE ecosystem confirms the issue, and PT-Security notes a practical workaro...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
Aruba 501 CN12G5W0XX Remote Command Execution
Exploit Title: Remote Command Execution | Aurba 501 Date: 17-07-2024 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt...
CVE-2024-8127
The CVE-2024-8127 family affects D-Link NAS/DVR devices (DNS-120, DNR-202L, DNS-315L, DNS-320/320L/320LW/321, DNR-322L, DNS-323/325/326/327L, DNR-326, DNS-340L/343/345, DNS-726-4, DNS-1100-4, DNS-1200-05, DNS-1550-04) with a command-injection in the CGI unzip function of /cgi-bin/webfile_mgr.cgi ...
PT-2024-38822 · D Link · Dns-320L +18
Name of the Vulnerable Software and Affected Versions: D-Link DNS-120 up to 20240814 D-Link DNR-202L up to 20240814 D-Link DNS-315L up to 20240814 D-Link DNS-320 up to 20240814 D-Link DNS-320L up to 20240814 D-Link DNS-320LW up to 20240814 D-Link DNS-321 up to 20240814 D-Link DNR-322L up to...
Ray cpu_profile command injection
Ray RCE via cpuprofile command injection vulnerability. Module Options msf use exploit/linux/http/raycpuprofilecmdinjectioncve20236019 msf exploitraycpuprofilecmdinjectioncve20236019 show targets ...targets... msf exploitraycpuprofilecmdinjectioncve20236019 set TARGET msf...
CVE-2024-44381
D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in jhttpd mspinfohtm function...