40 matches found
EUVD-2019-9213
Malware in sbrugna...
CVE-2019-19598
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAPAUTH header timestamp value. In HTTP requests, part of the HNAPAUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to...
CVE-2019-19597
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAPAUTH HTTP header...
CVE-2020-27864
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
CVE-2020-27865
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...
CVE-2020-15631
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
D-Link DAP-1860 Command Injection (CVE-2019-19597)
A command injection vulnerability exists in D-Link DAP-1860. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
VulnCheck KEV: CVE-2019-19597
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAPAUTH HTTP header...
D-Link DAP-1860 Remote Code Execution Vulnerability (CNVD-2022-38538)
The D-Link DAP-1860 is a WiFi range extender from D-Link, a Taiwan-based company. The D-Link DAP-1860 is vulnerable to a remote code execution vulnerability that could be exploited by attackers to elevate privileges and execute code in the device context...
D-Link DAP-1860 Remote Code Execution Vulnerability (CNVD-2022-38539)
The D-Link DAP-1860 is a WiFi range extender from D-Link, a Taiwan-based company. A remote code execution vulnerability exists in the D-Link DAP-1860, which stems from a network system or product that does not properly filter external input data during the construction of executable commands, and...
CVE-2020-27865
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...
CVE-2020-27865
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...
CVE-2020-27864
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
CVE-2020-27864
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...
CVE-2020-27865
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on T...
CVE-2020-27865
The CVE-2020-27865 entry concerns the D-Link DAP-1860 WiFi extender (firmware 1.04B03). A flaw in the uhttpd service causes incorrect string matching when accessing protected pages, enabling network-adjacent attackers to bypass authentication and execute arbitrary code with device privileges. Mul...
CVE-2020-27864
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
CVE-2020-27864
CVE-2020-27864 affects D-Link DAP-1860 WiFi extenders (firmware 1.04B03). The flaw is in the HNAP service listening on TCP port 80, where the Authorization header is parsed without proper validation and is used to invoke a system call, allowing remote, network-adjacent attackers to execute arbitr...