21 matches found
CVE-2023-4711
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
EUVD-2024-44297
Malicious code in bioql PyPI...
CVE-2024-4699
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
DAR-8000-10 Deserialization Vulnerability in AUO Electronic Devices (Shanghai) Co.
DAR-8000-10 is the Internet Behavior Audit Gateway from China AUO D-Link. AUO DAR-8000-10 20230922 and earlier versions have a deserialization vulnerability that originates from the unsafe deserialization of the parameter sql of the file /importhtml.php when receiving serialized data submitted by...
CVE-2024-4699
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
CVE-2024-4699
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
CVE-2024-4699 D-Link DAR-8000-10 importhtml.php deserialization
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
CVE-2024-4699 D-Link DAR-8000-10 importhtml.php deserialization
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...
CVE-2024-4699
Summary (CVE-2024-4699): D-Link DAR-8000-10 (up to 20230922) is affected by a deserialization vulnerability in the /importhtml.php endpoint. The issue arises from manipulating the sql parameter, enabling remote code execution through unsafe deserialization. This vulnerability is documented across...
The vulnerability of the decodmail.php script in the D-Link DAR-8000-10 router’s software allows a hacker to execute arbitrary commands.
The vulnerability of the decodmail.php script in the D-Link DAR-8000-10 router microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
CVE-2023-4711
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
Command injection
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
CVE-2023-4711 D-Link DAR-8000-10 decodmail.php os command injection
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
CVE-2023-4711 D-Link DAR-8000-10 decodmail.php os command injection
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...
CVE-2023-4711
The connected sources confirm CVE-2023-4711 affects D-Link DAR-8000-10 and relates to an OS command injection in /log/decodmail.php via manipulation of the file parameter. The root cause is improper filtering of command-related input, enabling remote exploitation with high impact (execution of ar...
CVE-2023-4542
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2023-4542
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...
Command injection
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2023-4542 D-Link DAR-8000-10 sys1.php os command injection
A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2023-4542
CVE-2023-4542 affects D-Link DAR-8000-10 (up to 20230809). The vulnerability arises from the id parameter in /app/sys1.php, enabling remote OS command injection via cmd, potentially allowing unauthenticated arbitrary command execution. Public exploit/poc exists (e.g., GitHub). Remediation: update...