4 matches found
CVE-2024-48634
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the key parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
PT-2022-7092 · D Link · D-Link Dir-878 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 versions DIR882A1 FW130B06 D-Link DIR-878 versions DIR 878 FW1.30B08 Description: The issue is related to a buffer overflow in the SetWLanRadioSecurity module of the D-Link DIR-882 and DIR-878 wireless router firmware. This can...
CVE-2022-37130
In D-Link DIR-816 A2v1.10CNB04, DIR-878 DIR878FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability...
PT-2022-23828 · D Link · D-Link Dir-878 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 versions A2 v1.10CNB04 D-Link DIR-878 version DIR 878 FW1.30B08 Description: A command injection issue occurs in the /goform/Diagnosis endpoint, where the setnum variable is spliced into v10 by snprintf, allowing system executi...