13 matches found
CVE-2024-48636
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48635
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48636
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48637
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48636
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48635
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48637
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48636
D-Link DIR-882 (FW130B06) and DIR-878 (FW130B08) are affected by CVE-2024-48636, a command-injection in SetVLANSettings that allows arbitrary OS commands via a crafted POST to VLANID:0/VID. Root cause cited across sources is insufficient neutralization of special elements used in OS commands. Exp...
CVE-2024-48635
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48637
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48636
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48637
CVE-2024-48637 affects D-Link DIR-878 and DIR-882 (firmware DIR-878 FW130B08; DIR-882 FW130B06). Root cause: lack of neutralization of special elements in SetVLANSettings (prog.cgi) allowing command injection via VLANID:1/VID parameter in a crafted POST request. Impact: remote attacker can execut...
PT-2024-7031 · D Link · D-Link Dir-878 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version DIR 878 FW130B08 D-Link DIR-882 version DIR 882 FW130B06 Description: The issue exists due to the lack of neutralization of special elements used in the operating system command in the SetVLANSettings function of the...