Lucene search
+L

17411 matches found

EUVD
EUVD
added 2026/07/09 7:45 p.m.8 views

EUVD-2026-42692

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/09 7:45 p.m.36 views

CVE-2026-15270 D-link DIR-823G Web boa.conf least privilege violation

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS0.00443EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:45 p.m.10 views

CVE-2026-15270

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00443EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.9 views

PT-2026-56920

Name of the Vulnerable Software and Affected Versions D-link DIR-823G version 1.0.2B05 20181207 Description A weakness exists in the Web Interface component within the /etc/boa/boa.conf file. A remote attacker can perform a manipulation that leads to a least privilege violation. This attack is...

7.7CVSS6.8AI score0.00443EPSS
Exploits0References10
NVD
NVD
added 2026/06/29 9:16 a.m.10 views

CVE-2026-13545

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS0.02706EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/29 7:0 a.m.8 views

EUVD-2026-40045

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS7AI score0.02706EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/29 7:0 a.m.37 views

CVE-2026-13545 D-Link DCS-935L POST Parameter setconf.cgi sub_400E40 os command injection

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS0.02706EPSS
Exploits1References6
CVE
CVE
added 2026/06/29 7:0 a.m.18 views

CVE-2026-13545

CVE-2026-13545 affects D-Link DCS-935L 1.10.01. The vulnerability is in the function sub_400E40 of setconf.cgi (POST Parameter Handler); manipulating the UID argument enables an OS command injection. The attack can be launched remotely, and the exploit has been disclosed publicly. CVSS metrics in...

9CVSS7AI score0.02706EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53222

Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description An OS command injection flaw exists in the POST Parameter Handler component. The issue occurs within the sub 400E40 function of the setconf.cgi file. A remote attacker can exploit this by manipulatin...

9CVSS7.6AI score0.02706EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.7 views

The vulnerability in the webfile_mgrc.ipl software for D-Link DNS-320 allows a hacker to execute arbitrary commands.

The vulnerability in the webfilemgrc.cgi script of the D-Link DNS-320 network storage software exists due to the lack of measures taken to neutralize special elements used in the operating system’s command syntax. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

9CVSS6.3AI score0.05587EPSS
Exploits1References4Affected Software1
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.125 views

D-Link Network Attached Storage - Command Injection and Backdoor Account

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument...

9.8CVSS7.2AI score0.99997EPSS
Exploits8References5
NVD
NVD
added 2026/06/13 9:16 p.m.16 views

CVE-2026-12174

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS0.00582EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/13 8:15 p.m.13 views

CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS7.6AI score0.00582EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/13 8:15 p.m.37 views

CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS0.00582EPSS
Exploits0References6
CVE
CVE
added 2026/06/13 8:15 p.m.32 views

CVE-2026-12174

CVE-2026-12174 affects D-Link DCS-935L firmware 1.10.01. The vulnerability is in the HTTP Handler’s function snprintf used by /web/cgi-bin/greece/rhea, allowing format-string manipulation. This can enable a remote attacker to exploit the flaw; public exploits have been disclosed. The available do...

9CVSS7.6AI score0.00582EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.18 views

PT-2026-49083

Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description A format string issue exists in the HTTP Handler component within the file '/web/cgi-bin/greece/rhea'. The problem occurs in the snprintf function when the data argument is manipulated, allowing a...

9CVSS7.3AI score0.00582EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.13 views

CVE-2026-11555

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

7.5CVSS4.9AI score0.00405EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.12 views

CVE-2026-11497

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...

8.8CVSS5.4AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.13 views

CVE-2026-11492

A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in least privilege violation. The attack can be initiated remotely. The exploit has been released to...

8.8CVSS5.1AI score0.00511EPSS
Exploits1References1
NVD
NVD
added 2026/06/08 6:16 p.m.15 views

CVE-2026-11555

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

7.5CVSS0.00405EPSS
Exploits0References6
Rows per page
Query Builder