Lucene search
K

42 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.8 views

CVE-2019-12767

An issue was discovered on D-Link DAP-1650 devices before 1.04B02J65H Hot Fix. Attackers can execute arbitrary commands...

9.8CVSS7.7AI score0.02076EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-4352

Malware in sbrugna...

9.8CVSS9.4AI score0.02291EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4351

Malware in sbrugna...

9.8CVSS9.4AI score0.02076EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.11 views

CVE-2024-40505

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component...

9.3CVSS6.9AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:25 a.m.9 views

CVE-2019-12768

An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02J65H Hot Fix. Attackers can bypass authentication via forceful browsing...

9.8CVSS7.4AI score0.02291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:30 a.m.7 views

CVE-2024-23624

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

9.8CVSS7.8AI score0.25988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:23 a.m.9 views

CVE-2024-23625

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

9.8CVSS7.8AI score0.22836EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/07/19 12:0 a.m.16 views

D-Link DAP-1650 EOL Device Multiple Command Injection Vulnerabilities (Jan 2024)

D-Link DAP-1650 devices are prone to multiple command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.8AI score0.25988EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/07/19 12:0 a.m.16 views

D-Link DAP-1650 EOL Device Directory Traversal Vulnerability (Jul 2024)

D-Link DAP-1650 devices are prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS9.4AI score0.00434EPSS
Exploits0References2
OSV
OSV
added 2024/07/16 8:15 p.m.6 views

CVE-2024-40505

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component...

9.3CVSS5.8AI score0.00434EPSS
Exploits0References2
NVD
NVD
added 2024/07/16 8:15 p.m.17 views

CVE-2024-40505

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component...

9.3CVSS0.00434EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.6 views

PT-2024-28884 · D Link · D-Link Dap-1650

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1650 Firmware version 1.03 Description: A Directory Traversal issue allows a local attacker to escalate privileges via the hedwig.cgi component. Recommendations: For D-Link DAP-1650 Firmware version 1.03, consider restricting acces...

9.3CVSS7.3AI score0.00434EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/07/16 12:0 a.m.24 views

CVE-2024-40505

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component...

9.1AI score0.00434EPSS
Exploits0References2
CVE
CVE
added 2024/07/16 12:0 a.m.66 views

CVE-2024-40505

Summary: CVE-2024-40505 is a directory traversal vulnerability in D-Link DAP-1650 firmware v1.03, exploitable by a local attacker via hedwig.cgi to achieve privilege escalation. The vulnerability affects the device’s firmware components and has a high impact on confidentiality, integrity, and ava...

9.3CVSS9.1AI score0.00434EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/16 12:0 a.m.18 views

CVE-2024-40505

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component...

0.00434EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.6 views

The vulnerability of the gena.cgi module in D-Link DAP-1650 wireless access points allows a intruder to execute arbitrary commands.

The vulnerability of the gena.cgi module in D-Link DAP-1650 wireless access points is related to improper validation of input data during the processing of UPnP SUBSCRIBE messages. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using specially crafted data...

10CVSS8.2AI score0.25988EPSS
Exploits0References5
Prion
Prion
added 2024/01/26 12:15 a.m.13 views

Command injection

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

8.3CVSS8AI score0.25988EPSS
Exploits0References1
Prion
Prion
added 2024/01/26 12:15 a.m.19 views

Command injection

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

8.3CVSS8.1AI score0.22836EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.3 views

D-Link DAP-1650 Command Injection Vulnerability

The D-Link DAP-1650 is a WiFi range extender from China AUO D-Link. A security vulnerability exists in the D-Link DAP-1650 that stems from a command injection vulnerability in the gena.cgi module...

9.8CVSS7.6AI score0.25988EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/25 11:41 p.m.3 views

CVE-2024-23625 D-Link DAP-1650 SUBSCRIBE Callback Command Injection Vulnerability

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

9.6CVSS9.9AI score0.22836EPSS
Exploits0References1
Rows per page
Query Builder