5 matches found
D-Link DIR-846 Command Injection Vulnerability (CNVD-2023-21666)
D-Link DIR-846 is a wireless router from D-Link, China. d-link DIR-846 A1FW100A43 has a command injection vulnerability, which originates from the autoupgradehour parameter in the SetAutoUpgradeInfo function fails to properly filter the construct command special characters The vulnerability can b...
CVE-2022-46642
D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...
Command injection
D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...
CVE-2022-46642
D-Link DIR-846 A1FW100A43 was discovered to contain a command injection vulnerability via the autoupgradehour parameter in the SetAutoUpgradeInfo function...
CVE-2022-46642
CVE-2022-46642 affects the D‑Link DIR‑846 A1 with firmware FW100A43. The root cause is improper input handling in the SetAutoUpgradeInfo function, where the parameter auto_upgrade_hour can be used to construct and execute commands, resulting in a remote command injection vulnerability. Impact per...