Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.6 views

CVE-2023-4711

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

8.1CVSS7AI score0.05769EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-44297

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0612EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:36 a.m.5 views

CVE-2024-4699

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

6.5CVSS7AI score0.0612EPSS
Exploits1References1
CNVD
CNVD
added 2024/05/22 12:0 a.m.4 views

DAR-8000-10 Deserialization Vulnerability in AUO Electronic Devices (Shanghai) Co.

DAR-8000-10 is the Internet Behavior Audit Gateway from China AUO D-Link. AUO DAR-8000-10 20230922 and earlier versions have a deserialization vulnerability that originates from the unsafe deserialization of the parameter sql of the file /importhtml.php when receiving serialized data submitted by...

9.8CVSS7.2AI score0.0612EPSS
Exploits1References1
OSV
OSV
added 2024/05/14 3:44 p.m.4 views

CVE-2024-4699

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

9.8CVSS6.2AI score0.0612EPSS
Exploits1References5
NVD
NVD
added 2024/05/14 3:44 p.m.19 views

CVE-2024-4699

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

9.8CVSS6.5AI score0.0612EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/05/10 12:31 a.m.22 views

CVE-2024-4699 D-Link DAR-8000-10 importhtml.php deserialization

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

6.5CVSS6.7AI score0.0612EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/05/10 12:31 a.m.14 views

CVE-2024-4699 D-Link DAR-8000-10 importhtml.php deserialization

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

6.5CVSS7AI score0.0612EPSS
Exploits1References5
CVE
CVE
added 2024/05/10 12:31 a.m.38 views

CVE-2024-4699

Summary (CVE-2024-4699): D-Link DAR-8000-10 (up to 20230922) is affected by a deserialization vulnerability in the /importhtml.php endpoint. The issue arises from manipulating the sql parameter, enabling remote code execution through unsafe deserialization. This vulnerability is documented across...

9.8CVSS6.9AI score0.0612EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/06 12:0 a.m.6 views

The vulnerability of the decodmail.php script in the D-Link DAR-8000-10 router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the decodmail.php script in the D-Link DAR-8000-10 router microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

5.1CVSS6.5AI score0.05769EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/09/01 8:15 p.m.22 views

CVE-2023-4711

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

8.1CVSS6.5AI score0.05769EPSS
Exploits1References3
Prion
Prion
added 2023/09/01 8:15 p.m.20 views

Command injection

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

4.6CVSS8.3AI score0.05769EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/01 7:0 p.m.14 views

CVE-2023-4711 D-Link DAR-8000-10 decodmail.php os command injection

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

5CVSS7.2AI score0.05769EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/01 7:0 p.m.19 views

CVE-2023-4711 D-Link DAR-8000-10 decodmail.php os command injection

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. Th...

5CVSS8.6AI score0.05769EPSS
Exploits1References3
CVE
CVE
added 2023/09/01 7:0 p.m.46 views

CVE-2023-4711

The connected sources confirm CVE-2023-4711 affects D-Link DAR-8000-10 and relates to an OS command injection in /log/decodmail.php via manipulation of the file parameter. The root cause is improper filtering of command-related input, enabling remote exploitation with high impact (execution of ar...

8.1CVSS6.5AI score0.05769EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/08/25 10:15 p.m.3 views

CVE-2023-4542

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

9.8CVSS5.5AI score0.86533EPSS
Exploits1References3
NVD
NVD
added 2023/08/25 10:15 p.m.32 views

CVE-2023-4542

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

9.8CVSS8.4AI score0.86533EPSS
Exploits1References3
Prion
Prion
added 2023/08/25 10:15 p.m.28 views

Command injection

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

6.5CVSS9.7AI score0.86533EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/08/25 9:31 p.m.25 views

CVE-2023-4542 D-Link DAR-8000-10 sys1.php os command injection

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

6.5CVSS10AI score0.86533EPSS
Exploits1References3
CVE
CVE
added 2023/08/25 9:31 p.m.81 views

CVE-2023-4542

CVE-2023-4542 affects D-Link DAR-8000-10 (up to 20230809). The vulnerability arises from the id parameter in /app/sys1.php, enabling remote OS command injection via cmd, potentially allowing unauthenticated arbitrary command execution. Public exploit/poc exists (e.g., GitHub). Remediation: update...

9.8CVSS8.4AI score0.86533EPSS
In wildExploits1References3Affected Software1
Rows per page
Query Builder