25 matches found
CVE-2020-24578
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...
CVE-2021-33346
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...
CVE-2020-27862
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...
D-LINK DSL-2888A Arbitrary Password Change Vulnerability
The D-LINK DSL-2888A is a unified services router from D-link China.A security vulnerability exists in the D-LINK DSL-2888A, which could be exploited by attackers to make unauthorized changes to the administrator user's password...
Authorization
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...
CVE-2021-33346
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization...
VulnCheck KEV: CVE-2020-24581
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It contains an executecmd.cgi feature that is not reachable via the web user interface that lets an authenticated user execute Operating System commands...
D-Link DVA-2800 and DSL-2888A 命令注入漏洞
The D-link DSL-2888A is a Unified Services Router from China AUO D-link. A command injection vulnerability exists in the D-Link DVA-2800 and DSL-2888A firmware, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the...
D-link DSL-2888A Information Disclosure Vulnerability
The D-link DSL-2888A is a Unified Services Router from China AUO D-link. An information disclosure vulnerability exists in D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55, which originates from the disclosure of sensitive information in the response body, such as hashed admin...
CVE-2020-24577
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body...
Default credentials
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body...
D-link DSL-2888A 安全漏洞
The D-link DSL-2888A is a Unified Services Router from China AUO D-link. An information disclosure vulnerability exists in D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55, which originates from the disclosure of sensitive information in the response body, such as hashed admin...
D-Link DSL-2888A Operating System Command Execution Vulnerability
The D-link DSL-2888A is a Unified Services Router from D-link China. An operating system command execution vulnerability exists in the D-Link DSL-2888A. An attacker can exploit the vulnerability to allow an authenticated user to execute operating system commands...
D-Link DSL-2888A License Issue Vulnerability
The D-link DSL-2888A is a Unified Services Router from D-link China. An authorization issue vulnerability exists in the D-Link DSL-2888A devices with firmware, which can be exploited by an attacker to assign a static IP address that has been previously used by a valid user...
CVE-2020-24578
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...
CVE-2020-24580
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user...
CVE-2020-24579
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality...
CVE-2020-24579
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality...
CVE-2020-24580
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user...
Design/Logic Flaw
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...