Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2024/05/02 10:10 a.m.27 views

New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw

A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 CVSS score: 9.8, which affects D-Link DIR-645...

10CVSS8.6AI score0.97101EPSS
Exploits2
The Hacker News
The Hacker News
added 2022/09/07 6:57 a.m.99 views

Mirai Variant MooBot Botnet Exploiting D-Link Router Vulnerabilities

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits. "If the devices are compromised, they will be fully controlled by attackers, who could utilize those devices to conduct further...

10CVSS2.6AI score0.97101EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2015/06/10 12:0 a.m.1025 views

D-Link Router HNAP GetDeviceSettings Remote Command Execution

The remote D-Link device is affected by a remote command execution vulnerability due to a flaw in the GetDeviceSettings functionality of the HNAP Home Network Administration Protocol server. A remote attacker can exploit this, via a crafted SOAPAction header, to bypass authentication and inject...

10CVSS9AI score0.97101EPSS
Exploits2References2
Circl
Circl
added 2015/06/01 12:0 a.m.15 views

CVE-2015-2051

creationtimestamp| type| source ---|---|--- 2015-06-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37171 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkhnapheaderexecnoauth.rb 2019-01-25 17:02:02+00:0...

10CVSS7.1AI score0.97101EPSS
In wildExploits2References22
CVE
CVE
added 2015/02/23 5:0 p.m.1114 views

CVE-2015-2051

CVE-2015-2051 describes a remote command execution in D-Link DIR-645 (Wired/Wireless Router) Rev. Ax with firmware 1.04b12 and earlier via the HNAP GetDeviceSettings action. The flaw allows an unauthenticated attacker to trigger arbitrary commands through the HNAP SOAP interface, leading to full ...

10CVSS9.5AI score0.97101EPSS
In wildExploits2References6Affected Software1
Rows per page
Query Builder