Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.11 views

CVE-2020-24578

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...

6.5CVSS7.1AI score0.01848EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:47 p.m.8 views

CVE-2021-33346

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...

9.8CVSS7AI score0.01223EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:2 p.m.12 views

CVE-2020-27862

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...

8.8CVSS7.1AI score0.01375EPSS
Exploits0
CNVD
CNVD
added 2021/06/25 12:0 a.m.18 views

D-LINK DSL-2888A Arbitrary Password Change Vulnerability

The D-LINK DSL-2888A is a unified services router from D-link China.A security vulnerability exists in the D-LINK DSL-2888A, which could be exploited by attackers to make unauthorized changes to the administrator user's password...

9.8CVSS4.5AI score0.01223EPSS
Exploits1References1
Prion
Prion
added 2021/06/24 4:15 p.m.11 views

Authorization

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...

5CVSS9.4AI score0.01223EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/06/24 3:1 p.m.17 views

CVE-2021-33346

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...

9.6AI score0.01223EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2021/06/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-24581

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It contains an executecmd.cgi feature that is not reachable via the web user interface that lets an authenticated user execute Operating System commands...

8CVSS7.3AI score0.12649EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.9 views

D-Link DVA-2800 and DSL-2888A 命令注入漏洞

The D-link DSL-2888A is a Unified Services Router from China AUO D-link. A command injection vulnerability exists in the D-Link DVA-2800 and DSL-2888A firmware, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the...

8.8CVSS7.4AI score0.01375EPSS
Exploits0References3
CNVD
CNVD
added 2021/01/12 12:0 a.m.5 views

D-link DSL-2888A Information Disclosure Vulnerability

The D-link DSL-2888A is a Unified Services Router from China AUO D-link. An information disclosure vulnerability exists in D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55, which originates from the disclosure of sensitive information in the response body, such as hashed admin...

7.5CVSS6.3AI score0.19061EPSS
Exploits1References1
OSV
OSV
added 2021/01/08 7:15 a.m.6 views

CVE-2020-24577

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body...

7.5CVSS7.1AI score0.19061EPSS
Exploits1References3
Prion
Prion
added 2021/01/08 7:15 a.m.13 views

Default credentials

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body...

5CVSS7.6AI score0.19061EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.6 views

D-link DSL-2888A 安全漏洞

The D-link DSL-2888A is a Unified Services Router from China AUO D-link. An information disclosure vulnerability exists in D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55, which originates from the disclosure of sensitive information in the response body, such as hashed admin...

7.5CVSS7.1AI score0.19061EPSS
Exploits1References4
CNVD
CNVD
added 2020/12/23 12:0 a.m.4 views

D-Link DSL-2888A Operating System Command Execution Vulnerability

The D-link DSL-2888A is a Unified Services Router from D-link China. An operating system command execution vulnerability exists in the D-Link DSL-2888A. An attacker can exploit the vulnerability to allow an authenticated user to execute operating system commands...

8CVSS7.3AI score0.12649EPSS
Exploits1References1
CNVD
CNVD
added 2020/12/23 12:0 a.m.4 views

D-Link DSL-2888A License Issue Vulnerability

The D-link DSL-2888A is a Unified Services Router from D-link China. An authorization issue vulnerability exists in the D-Link DSL-2888A devices with firmware, which can be exploited by an attacker to assign a static IP address that has been previously used by a valid user...

7.5CVSS6.9AI score0.01331EPSS
Exploits1References1
OSV
OSV
added 2020/12/22 7:15 p.m.5 views

CVE-2020-24578

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...

6.5CVSS5.8AI score0.01848EPSS
Exploits1References2
OSV
OSV
added 2020/12/22 7:15 p.m.3 views

CVE-2020-24580

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user...

7.5CVSS7.1AI score0.01331EPSS
Exploits1References2
NVD
NVD
added 2020/12/22 7:15 p.m.24 views

CVE-2020-24579

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality...

8.8CVSS8.9AI score0.09997EPSS
Exploits1References2
OSV
OSV
added 2020/12/22 7:15 p.m.5 views

CVE-2020-24579

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality...

8.8CVSS7.3AI score0.09997EPSS
Exploits1References2
NVD
NVD
added 2020/12/22 7:15 p.m.30 views

CVE-2020-24580

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user...

7.5CVSS7.7AI score0.01331EPSS
Exploits1References2
Prion
Prion
added 2020/12/22 7:15 p.m.10 views

Design/Logic Flaw

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...

3.3CVSS6.6AI score0.01848EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder