12 matches found
EUVD-2026-20855
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...
CVE-2026-5844
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...
CVE-2026-5844
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...
CVE-2026-5844 D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...
CVE-2026-5844
The CVE-2026-5844 entry describes a vulnerability in D-Link DIR-882 (firmware 1.01B02) affecting the HNAP1 SetNetworkSettings handler, specifically the prog.cgi function sprintf. Manipulating the IPAddress argument triggers an OS command injection, with remote exploitation possible. Public exploi...
PT-2026-31585
Name of the Vulnerable Software and Affected Versions D-Link DIR-882 version 1.01B02 Description A flaw exists in the sprintf function within the prog.cgi file of the HNAP1 SetNetworkSettings Handler component. Manipulation of the IPAddress argument can lead to operating system command injection...
CVE-2025-60676
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...
CVE-2025-60676
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...
CVE-2025-60676
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...
PT-2025-46889
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...
CVE-2022-48107
D-Link DIR878FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload...
D-Link DIR-878 操作系统命令注入漏洞
The D-Link DIR-878 is a wireless router from China-based AUO D-Link. The D-Link DIR-878 DIR878FW1.30B08 firmware version suffers from an operating system command injection vulnerability that stems from its /SetNetworkSettings/SubnetMask component that allows attackers to achieve command injection...