CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

98 matches found

OSV•added 2022/10/26 7:15 p.m.•2 views

CVE-2022-42999

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm...

7.5CVSS5.8AI score0.11976EPSS

Exploits1References2

Prion•added 2022/10/26 7:15 p.m.•28 views

Command injection

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm...

5CVSS8AI score0.11976EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/10/26 12:0 a.m.•20 views

CVE-2022-42999

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm...

8.2AI score0.11976EPSS

Exploits1References2

Positive Technologies•added 2022/10/26 12:0 a.m.•3 views

PT-2022-5271 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to command injection vulnerabilities. These vulnerabilities can be exploited via the admuser and admpass parameters at the "/goform/setSysAdm" API endpoint. The vulnerabilit...

7.8CVSS7.8AI score0.11976EPSS

Exploits1References4

OSV•added 2022/05/10 2:15 p.m.•2 views

CVE-2022-28915

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

9.8CVSS7.3AI score0.28613EPSS

Exploits1References2

ATTACKERKB•added 2022/05/10 2:15 p.m.•2 views

CVE-2022-28915

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

10CVSS5.9AI score0.28613EPSS

Exploits1References3

NVD•added 2022/05/10 2:15 p.m.•9 views

CVE-2022-28915

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

10CVSS0.28613EPSS

Exploits1References2

Prion•added 2022/05/10 2:15 p.m.•13 views

Command injection

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

10CVSS9.7AI score0.28613EPSS

Exploits1References2Affected Software1

CNNVD•added 2022/05/10 12:0 a.m.•1 views

D-Link DIR-816 A2 操作系统命令注入漏洞

D-Link DIR-816 A2 is a wireless router from D-Link, Taiwan, China.A command injection vulnerability exists in D-Link DIR-816 A2, which stems from the failure to properly filter the admuser and admpass parameters in /goform/setSysAdm to construct command special characters, commands, etc. The...

10CVSS8.4AI score0.28613EPSS

Exploits1References3

Positive Technologies•added 2022/05/10 12:0 a.m.•3 views

PT-2022-19309 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10CNB04 Description: A command injection issue was discovered via the admuser and admpass parameters in the "/goform/setSysAdm" API endpoint. Recommendations: For D-Link DIR-816 A2 version 1.10CNB04, as a temporary...

10CVSS9.6AI score0.28613EPSS

Exploits1References4

CNVD•added 2020/12/28 12:0 a.m.•2 views

Belkin LINKSYS RE6500 Remote Code Execution Vulnerability

The Linksys RE6500 is an AC1200 dual-band WiFi extender from Belkin. A remote code execution vulnerability exists in Belkin LINKSYS RE6500 versions prior to 1.0.012.001. A remote attacker can exploit the vulnerability by using shell metacharacters on the goform/setSysAdm page to execute arbitrary...

10CVSS8.6AI score0.93609EPSS

Exploits2References1

NVD•added 2020/12/26 1:15 a.m.•11 views

CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...

10CVSS10AI score0.93609EPSS

Exploits2References3

OSV•added 2020/12/26 1:15 a.m.•4 views

CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...

9.8CVSS7.6AI score0.93609EPSS

Exploits2References3

Prion•added 2020/12/26 1:15 a.m.•14 views

Code injection

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...

10CVSS9.9AI score0.93609EPSS

Exploits2References3Affected Software1

Cvelist•added 2020/12/26 12:47 a.m.•12 views

CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...

10AI score0.93609EPSS

Exploits2References3

CNNVD•added 2020/12/25 12:0 a.m.•2 views

Belkin LINKSYS RE6500 操作系统命令注入漏洞

10CVSS8.1AI score0.93609EPSS

Exploits2References4

CNVD•added 2019/03/26 12:0 a.m.•2 views

D-Link DIR-816 A2 Router Web or System Account Editing Vulnerability

The D-Link DIR-816 A2 is a wireless router from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DIR-816 A2 version 1.11, which stems from the program only checking for random tokens when authorizing a goform request. The vulnerability can be exploited to edit web and...

9.8CVSS7.1AI score0.01213EPSS

Exploits1References1

OSV•added 2019/03/25 7:29 p.m.•2 views

CVE-2019-10039

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication...

9.8CVSS5.8AI score0.01213EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by