CVE-2026-7067

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-7067

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

D-Link DIR-822 注入漏洞

The D-Link DIR-822 is a wireless router produced by D-Link Corporation. The D-Link DIR-822 A101 version has a vulnerability related to command injection. This vulnerability stems from the handling of the parameter “Hostname” in the system function of the udhcpd DHCP service, located in the...

CVE-2026-7067

CVE-2026-7067 refers to a command injection in D-Link DIR-822 A_101’s udhcpd DHCP Service (file /udhcpcd/dhcpd.c, function system). The vulnerability stems from manipulating the Hostname argument, enabling remote code execution. Exploitation is possible over the network, with a publicly disclosed...

CVE-2026-7067 D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-7067 D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

EUVD-2026-25737

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

CVE-2018-19986

In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $pathinfwan1."/web" internal...

CVE-2024-34950

D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module...

EUVD-2019-15824

Malware in sbrugna...

EUVD-2023-56666

Malicious code in bioql PyPI...

EUVD-2024-35126

Malicious code in bioql PyPI...

D-Link DIR-822 Multiple Vulnerabilities (2018 - 2024)

D-Link DIR-822 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-33344

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of uploadfirmware.cgi, which allows remote attackers to execute arbitrary commands via shell...

CVE-2024-33343

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell...

CVE-2024-25331

DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution RCE vulnerability elevated from HNAP Stack-Based Buffer Overflow...

CVE-2024-33342

D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell...

CVE-2023-51987

D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords...

CVE-2023-51984

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell...

CVE-2018-19990

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...