EUVD-2025-4132

Malicious code in bioql PyPI...

CVE-2024-48633

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain multiple command injection vulnerabilities via the ExternalPort, InternalPort, ProtocolNumber, and LocalIPAddress parameters in the SetVirtualServerSettings function. This vulnerability allows attackers to execute arbitrar...

D-Link DIR-853 SetVirtualServerSettings Module Command Injection Vulnerability

The D-Link DIR-853 is a router from China's AUO D-Link. The D-Link DIR-853 suffers from a command injection vulnerability that stems from the SetVirtualServerSettings module not properly handling user input. No details of the vulnerability are provided at this time...

D-Link DIR-853 安全漏洞

The D-Link DIR-853 is a router from China's AUO D-Link. The D-Link DIR-853 suffers from a command injection vulnerability that stems from the SetVirtualServerSettings module not properly handling user input. No details of the vulnerability are provided at this time...

CVE-2025-25743

D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module...

CVE-2025-25743

D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router that provides network connectivity and management for homes and small offices. The D-Link DIR-823G suffers from an improper access control vulnerability that originates in the Web Management Interface component's SetAutoRebootSettings, SetClientInfo,...

CVE-2022-43631

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2022-43631

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

D-Link DIR-867 Command Injection Vulnerability

The D-Link DIR-867 is a wireless router from China Youxun D-Link.A command injection vulnerability exists in the D-Link DIR-867, which is caused by a command injection vulnerability in the SetVirtualServerSettings function. By sending a carefully crafted request using the LocalIPAddress parameter...

CVE-2023-24762

OS Command injection vulnerability in D-Link DIR-867 DIR867FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1...

CVE-2023-24762

OS Command injection vulnerability in D-Link DIR-867 DIR867FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1...

Command injection

OS Command injection vulnerability in D-Link DIR-867 DIR867FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1...

CVE-2023-24762

OS Command injection vulnerability in D-Link DIR-867 DIR867FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1...

D-Link DIR-867 操作系统命令注入漏洞

The D-Link DIR-867 is a wireless router from China Youxun D-Link.A command injection vulnerability exists in the D-Link DIR-867, which is caused by a command injection vulnerability in the SetVirtualServerSettings function. By sending a carefully crafted request using the LocalIPAddress parameter...

D-Link DIR-1935 SetVirtualServerSettings VirtualServerInfo Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

CVE-2022-29778

D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php...

PT-2022-19827 · D Link · D-Link Dir-890L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-890L version 1.20b01 Description: The issue allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter descriptor at the API endpoint "SetVirtualServerSettings.php". Recommendations: For...

D-Link DIR-3060 授权RCE漏洞（CVE-2021-28144）

Advisory: D-Link DIR-3060 Authenticated RCE CVE-2021-28144 MARCH 11, 2021 Overview The D-Link DIR-3060 running firmware versions below v1.11b04 is affected by a post-authentication command injection vulnerability. Anybody with authenticated access to a DIR-3060 would be able to run arbitrary syst...

CVE-2021-28144

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...