Lucene search
+L

10 matches found

bdu_fstec
bdu_fstec
added 2022/02/25 12:0 a.m.10 views

The vulnerabilities of the DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 allow a hacker to execute arbitrary commands.

The vulnerability of the DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 routers is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary commands using a...

10CVSS8.1AI score0.06573EPSS
Exploits1References3
osv
osv
added 2022/02/17 10:15 p.m.4 views

CVE-2021-46315

Remote Command Execution RCE vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicoius users can use this vulnerability to use "\ " or backticks in the shell metacharacters in the ssid0 or ssid1 parameters...

9.8CVSS6AI score0.06573EPSS
Exploits1References2
attackerkb
attackerkb
added 2022/02/17 10:15 p.m.6 views

CVE-2021-46315

Remote Command Execution RCE vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicoius users can use this vulnerability to use "\ " or backticks in the shell metacharacters in the ssid0 or ssid1 parameters...

10CVSS8AI score0.06573EPSS
Exploits1References3
cvelist
cvelist
added 2022/02/17 9:15 p.m.33 views

CVE-2021-46315

Remote Command Execution RCE vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicoius users can use this vulnerability to use "\ " or backticks in the shell metacharacters in the ssid0 or ssid1 parameters...

10AI score0.06573EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2021/06/15 12:0 a.m.6 views

The vulnerability of the SetWizardConfig function in D-Link DIR-846 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the SetWizardConfig function in D-Link DIR-846 router microprogramming software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created request /HNAP1/...

10CVSS8.1AI score0.03557EPSS
Exploits1References4Affected Software1
cnvd
cnvd
added 2019/10/12 12:0 a.m.4 views

D-Link DIR-846 Arbitrary OS Command Execution Vulnerability

The D-Link DIR-846 is a 6-antenna 1200M full gigabit dual-band MU-MIMO wireless router. An arbitrary OS command execution vulnerability exists in the D-Link DIR-846 with firmware version 100A35. A remote attacker can exploit the vulnerability by sending /HNAP1/ request to...

10CVSS8AI score0.03557EPSS
Exploits1References1
osv
osv
added 2019/10/11 8:15 p.m.5 views

CVE-2019-17510

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...

9.8CVSS7.6AI score
Exploits0References1
nvd
nvd
added 2019/10/11 8:15 p.m.29 views

CVE-2019-17510

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...

10CVSS9.9AI score0.03557EPSS
Exploits1References1
prion
prion
added 2019/10/11 8:15 p.m.21 views

Design/Logic Flaw

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...

10CVSS9.8AI score0.03557EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/10/11 7:28 p.m.34 views

CVE-2019-17510

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...

9.9AI score0.03557EPSS
Exploits1References1
Rows per page
Query Builder