Lucene search
+L

4 matches found

Prion
Prion
added 2022/02/17 10:15 p.m.21 views

Remote code execution

Remote Code Execution RCE vulnerability exists in D-Link Router DIR-846 DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use "\ " or backticks to bypass the shell metacharacters in the ssid0 or ssid1 parameters to execute arbitrary commands.Th...

10CVSS9.9AI score0.06573EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2022/02/17 9:27 p.m.106 views

CVE-2021-46319

CVE-2021-46319 is linked to a D-Link DIR-846 RCE issue previously observed as CVE-2019-17509. Connected sources describe a remote code execution path in DIR-846 devices, where an attacker can bypass shell metacharacters in ssid0/ssid1 via crafted input to execute arbitrary OS commands as root (e....

10CVSS9.9AI score0.06573EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2019/10/17 12:0 a.m.91 views

YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.00966EPSS
Exploits0
CVE
CVE
added 2019/10/11 7:29 p.m.230 views

CVE-2019-17509

CVE-2019-17509 affects D-Link DIR-846 devices with firmware 100A35. Remote attackers with admin access can execute arbitrary OS commands as root by sending a crafted /HNAP1/ SetMasterWLanSettings request to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php using shell metacharacters. The...

10CVSS9.8AI score0.03484EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder