3 matches found
D-Link DIR-820 Devices Command Injection (CVE-2023-25280)
OS Command injection vulnerability in D-Link DIR-820 allows attackers to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2023-25280
OS Command injection vulnerability in D-Link DIR820LA1FW105B03 allows attackers to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp...
CVE-2023-25280
CVE-2023-25280 affects D-Link DIR820LA1_FW105B03 (and related DIR-820L/DIR-820 routers) with an OS command injection via the ping_addr parameter in ping.ccp. Root privileges can be gained by an unauthenticated attacker, per connected documents, with CVSS 3.1 base score 9.8 (CRITICAL, NETWORK vect...