14 matches found
EUVD-2024-48955
Malicious code in bioql PyPI...
EUVD-2024-48960
Malicious code in bioql PyPI...
EUVD-2025-4675
Malicious code in bioql PyPI...
D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability
D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin/ddnsenc.cgi. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...
CVE-2025-6896
CVE-2025-6896 affects D-Link DI-7300G+ (0) with firmware version 19.12.25A1. The vulnerability is in an unknown function of wget_test.asp, where improper handling of the url parameter enables os command injection. Impact is remote, with exploitation disclosed publicly. Several sources (NVD/Red Ha...
CVE-2025-5492
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...
CVE-2024-7922
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by thi...
CVE-2024-48636
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2024-48637
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
CVE-2022-44928
D-Link DVG-G5402SP GE1.03 was discovered to contain a command injection vulnerability via the Maintenance function...
CVE-2025-4453
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure...
CVE-2023-26822
D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main...
PT-2022-23444 · D Link · D-Link Go-Rt-Ac750
Name of the Vulnerable Software and Affected Versions: D-Link Go-RT-AC750 versions GORTAC750 revA v101b03 through GO-RT-AC750 revB FWv200b02 Description: The issue concerns command injection via the "/htdocs/upnpinc/gena.php" API endpoint. This allows for potential malicious commands to be...
PT-2022-1561 · D Link · Di-7200Gv2.E1
Name of the Vulnerable Software and Affected Versions: D-Link device DI-7200GV2.E1 version 21.04.09E1 Description: The issue is related to a command injection vulnerability in the usb paswd.asp function. This vulnerability allows attackers to execute arbitrary commands via the name parameter. The...