CVE-2026-5844

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...

CVE-2026-5844 D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...

D-Link DIR-882 操作系统命令注入漏洞

The D-Link DIR-882 is a dual-band wireless router produced by D-Link Corporation. The D-Link DIR-882 version 1.01B02 has a vulnerability related to operating system command injection. This vulnerability stems from an error in the sprintf function in the prog.cgi file within the HNAP1...

EUVD-2025-175372

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVE-2025-60676

The CVE-2025-60676 entry concerns the D-Link DIR-878A1 router, firmware FW101B04.bin. Technical details across multiple connected sources confirm an unauthenticated command-injection in prog.cgi SetNetworkSettings, where IPAddress and SubnetMask are directly concatenated into shell commands execu...

D-Link DIR-878 操作系统命令注入漏洞

The D-Link DIR-878 is a wireless router from China-based AUO D-Link. The D-Link DIR-878 DIR878FW1.30B08 firmware version suffers from an operating system command injection vulnerability that stems from its /setnetworksettings/IPAddress component that allows an attacker to achieve command injectio...

CVE-2022-28895

A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1FW130B06 allows attackers to escalate privileges to root via a crafted payload...

CVE-2022-28896

A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1FW130B06 allows attackers to escalate privileges to root via a crafted payload...

CVE-2022-28896

A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1FW130B06 allows attackers to escalate privileges to root via a crafted payload...

D-Link DIR882 操作系统命令注入漏洞

The D-Link DIR882 is a dual-band wireless router from China-based AUO D-Link. The D-Link DIR882 DIR882A1FW130B06 firmware version suffers from an operating system command injection vulnerability that stems from a command injection issue in the component /setnetworksettings/IPAddress. An attacker...