42 matches found
CVE-2023-44694
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php...
CVE-2024-9004 D-Link DAR-7000 Backup_Server_commit.php os command injection
A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...
VulnCheck KEV: CVE-2023-5148
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 and DAR-8000 up to 20151231. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument fileupload leads to unrestricted upload. The...
CVE-2024-6525
CVE-2024-6525 describes a deserialization vulnerability in the D-Link DAR-7000, affecting the /log/decodmail.php file. The issue arises from manipulating the file parameter to trigger deserialization, potentially allowing remote exploitation. Multiple sources confirm the affected product line (DA...
SQL Injection Vulnerability in DAR-7000 of AUO Electronic Equipment (Shanghai) Co.
DAR-7000 is an Internet Behavior Audit Gateway from AUO Electronic Devices Shanghai Co. AUO DAR-7000 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter id of the file /user/inc/workidajax.php for externally entered SQL statements. The...
D-Link DAR-7000 SQL注入漏洞
DAR-7000 is an Internet Behavior Audit Gateway from AUO Electronic Devices Shanghai Co. AUO DAR-7000 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter id of the file /user/inc/workidajax.php for externally entered SQL statements. The...
Sql injection
SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a remote attacker to obtain sensitive information and execute arbitrary code via the editrole.php component...
CVE-2023-42406
CVE-2023-42406 affects D-Link DAR-7000 Online Behavior Audit Gateway (V31R02B1413C). The vulnerability is an SQL injection in the editrole.php component that allows a remote attacker to obtain sensitive information and execute arbitrary code. CVSS-3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/...
The vulnerability of the /log/mailrecvview.php file in the D-Link DAR-7000 router microprogramming system allows a hacker to execute arbitrary SQL code.
The vulnerability of the /log/mailrecvview.php file in the D-Link DAR-7000 router microprogramming system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
D-Link DAR-7000 mailrecvview.php File SQL Injection Vulnerability
D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 mailrecvview.php file, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
D-Link DAR-7000 importexport.php file SQL injection vulnerability
D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 importexport.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data...
CVE-2023-44693
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php...
CVE-2023-44694
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php...
Sql injection
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php...
Sql injection
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php...
CVE-2023-44693
D-Link DAR-7000 Online Behavior Audit Gateway (model DAR-7000, version V31R02B1413C) is reported vulnerable to SQL injection via the importexport.php endpoint. The CVE-2023-44693 entry identifies the vulnerability as a SQL injection in importexport.php, with the impacted device exposing a high-se...
CVE-2023-44694
CVE-2023-44694 affects D-Link DAR-7000 Online Behavior Audit Gateway (DAR-7000) with SQL injection in /log/mailrecvview.php, specifically in version V31R02B1413C. Root cause is lack of protection against SQL query structure attacks in the mailrecvview.php endpoint, enabling arbitrary SQL executio...
CVE-2023-44693
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php...
CVE-2023-44693
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php...
CVE-2023-44694
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php...