Lucene search
K

17406 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-10270

A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...

9CVSS8.2AI score0.00687EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-6012

A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out...

9CVSS8.2AI score0.00715EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6014

A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Request Handler. This manipulation of the argument webpage causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS8.1AI score0.00734EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-6947

DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits to perform brute-force attacks to gain control over the device...

8.7CVSS5.5AI score0.00454EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.13 views

CVE-2026-6013

A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The explo...

9CVSS8.1AI score0.0074EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

9.8CVSS5.5AI score0.00472EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS5.5AI score0.00472EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-11341

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.01044EPSS
Exploits0References6
NVD
NVD
added 2026/06/05 5:16 p.m.32 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

8.8CVSS0.03133EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/05 4:45 p.m.40 views

CVE-2026-11341 D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.01044EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/05 4:45 p.m.11 views

EUVD-2026-34860

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 4:45 p.m.7 views

CVE-2026-11341

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 4:30 p.m.10 views

CVE-2026-11339 D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03133EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/05 4:30 p.m.12 views

EUVD-2026-34859

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS5.4AI score0.03133EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/05 4:30 p.m.53 views

CVE-2026-11339 D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS0.03133EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 4:30 p.m.10 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03133EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/05 4:30 p.m.33 views

CVE-2026-11339

A vulnerability affects D-Link DWR-M920 firmware up to version 1.1.50 . The flaw is located in the function sub_41CF20 within the file /boafrm/formUSSDSetup ; manipulating the argument ussdValue enables command injection . It can be exploited remotely, and multiple sources note that the exploit i...

8.8CVSS6.4AI score0.03133EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/06/05 12:16 a.m.9 views

CVE-2026-10878

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

8.8CVSS0.04236EPSS
Exploits1References6
CVE
CVE
added 2026/06/05 12:0 a.m.31 views

CVE-2026-10878

Summary of vulnerability : CVE-2026-10878 affects D-Link DWR-M920 firmware versions 1.1.50 and 1.1.70. The issue resides in the function sub_41C8E8 of /boafrm/formSmsManage, where manipulation of the argument action_value leads to a command injection . The vulnerability enables remote exploitatio...

8.8CVSS6.5AI score0.04236EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 12:0 a.m.9 views

CVE-2026-10878

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

8.8CVSS6.4AI score0.04236EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder