Lucene search
+L

295 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:10 a.m.13 views

CVE-2024-20895

Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features...

7.7CVSS6.7AI score0.00143EPSS
Exploits0References1
CNVD
CNVD
added 2024/09/23 12:0 a.m.8 views

D-Link DAR-7000 Operating System Command Injection Vulnerability

D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. An OS command injection vulnerability exists in the D-Link DAR-7000 20240912 and earlier versions, which stems from the parameter host in the file /view/DBManage/BackupServercommit.php that can lead to OS command...

9.8CVSS7.6AI score0.16194EPSS
Exploits1References1
NVD
NVD
added 2024/09/19 9:15 p.m.21 views

CVE-2024-9004

A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...

9.8CVSS0.16194EPSS
Exploits1References6
OSV
OSV
added 2024/09/19 9:15 p.m.5 views

CVE-2024-9004

A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...

9.8CVSS5.5AI score0.16194EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/09/19 9:0 p.m.13 views

CVE-2024-9004 D-Link DAR-7000 Backup_Server_commit.php os command injection

A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...

6.5CVSS7.5AI score0.16194EPSS
Exploits1References6
CVE
CVE
added 2024/09/19 9:0 p.m.53 views

CVE-2024-9004

D-Link DAR-7000 is affected by an OS command injection in the file /view/DBManage/Backup_Server_commit.php via manipulation of the host argument. Exploitation is remote and the vulnerability impacts versions up to 20240912; several sources note the exploit has been disclosed publicly. Root cause ...

9.8CVSS7.2AI score0.16194EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2024/09/19 9:0 p.m.26 views

CVE-2024-9004 D-Link DAR-7000 Backup_Server_commit.php os command injection

A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/BackupServercommit.php. The manipulation of the argument host leads to os command injection. It is possible to launch the attack remotely. The exploi...

6.5CVSS0.16194EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2024 Release 1 version and earlier versions, which stems from the DualDarManagerProx...

6.6CVSS6.5AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.4 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Aug-2024 Release 1 prior to version 1, which stems from a mishandling of insufficient...

5.5CVSS6.5AI score0.0013EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/08/06 12:0 a.m.6 views

VulnCheck KEV: CVE-2023-5148

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 and DAR-8000 up to 20151231. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument fileupload leads to unrestricted upload. The...

8.8CVSS5.6AI score0.3066EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/09 12:0 a.m.47 views

Code Issue Vulnerability in DAR-7000 at AUO Electronic Devices (Shanghai) Co.

DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. AUO Electronic Devices Shanghai Co. A code issue vulnerability exists in the DAR-7000, which stems from the file parameter of /log/decodmail.php being able to deserialize certain content. No details of the vulnerability are...

8.8CVSS6.9AI score0.0308EPSS
Exploits1References1
OSV
OSV
added 2024/07/05 1:15 p.m.3 views

CVE-2024-6525

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched...

8.8CVSS4.8AI score0.0308EPSS
Exploits1References5
NVD
NVD
added 2024/07/05 1:15 p.m.24 views

CVE-2024-6525

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched...

8.8CVSS0.0308EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/07/05 1:0 p.m.17 views

CVE-2024-6525 D-Link DAR-7000 decodmail.php deserialization

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched...

5.1CVSS6.8AI score0.0308EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/07/05 1:0 p.m.43 views

CVE-2024-6525 D-Link DAR-7000 decodmail.php deserialization

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched...

5.1CVSS0.0308EPSS
Exploits1References5
CVE
CVE
added 2024/07/05 1:0 p.m.66 views

CVE-2024-6525

CVE-2024-6525 describes a deserialization vulnerability in the D-Link DAR-7000, affecting the /log/decodmail.php file. The issue arises from manipulating the file parameter to trigger deserialization, potentially allowing remote exploitation. Multiple sources confirm the affected product line (DA...

8.8CVSS4.4AI score0.0308EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2024/07/05 12:0 a.m.6 views

D-Link DAR-7000 代码问题漏洞

DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. AUO Electronic Devices Shanghai Co. A code issue vulnerability exists in the DAR-7000, which stems from the file parameter of /log/decodmail.php being able to deserialize certain content. No details of the vulnerability are...

8.8CVSS7AI score0.0308EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.8 views

PT-2024-6150 · D Link · D-Link Dar-7000

Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000 up to 20230922 Description: A vulnerability was found in the file /log/decodmail.php of the D-Link DAR-7000, related to deserialization issues. The manipulation of the file argument leads to deserialization. The attack may be...

9CVSS4.9AI score0.0308EPSS
Exploits1References14
NVD
NVD
added 2024/07/02 10:15 a.m.34 views

CVE-2024-20895

Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features...

7.7CVSS0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 9:20 a.m.17 views

CVE-2024-20895

Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features...

7.7CVSS6.9AI score0.00143EPSS
Exploits0References1
Rows per page
Query Builder