CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

173 matches found

EUVD•added 2026/04/09 6:30 a.m.•1 views

EUVD-2026-20855

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...

8.6CVSS6.7AI score0.00118EPSS

Exploits1References6

CVE•added 2026/04/09 4:45 a.m.•6 views

CVE-2026-5844

The CVE-2026-5844 entry describes a vulnerability in D-Link DIR-882 (firmware 1.01B02) affecting the HNAP1 SetNetworkSettings handler, specifically the prog.cgi function sprintf. Manipulating the IPAddress argument triggers an OS command injection, with remote exploitation possible. Public exploi...

8.6CVSS6.7AI score0.00118EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/04/09 4:45 a.m.•2 views

CVE-2026-5844

8.6CVSS6.7AI score0.00118EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/04/09 4:45 a.m.•20 views

CVE-2026-5844 D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection

8.6CVSS0.00118EPSS

Exploits1References5

Vulnrichment•added 2026/04/09 4:45 a.m.•2 views

CVE-2026-5844 D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection

8.6CVSS6.7AI score0.00118EPSS

Exploits1References5

RedhatCVE•added 2025/11/14 12:1 a.m.•2 views

CVE-2025-60701

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub433188 function in prog.cgi stores user-supplied email configuration parameters EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, AccountName in NVRAM v...

6.5CVSS8.5AI score0.00347EPSS

Exploits1References1

RedhatCVE•added 2025/11/14 12:1 a.m.•1 views

CVE-2025-60698

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...

7.3CVSS8.5AI score0.00964EPSS

Exploits1References1

EUVD•added 2025/11/13 6:31 p.m.•2 views

EUVD-2025-175340

7.3CVSS7.9AI score0.00964EPSS

Exploits1References5

NVD•added 2025/11/13 6:15 p.m.•3 views

CVE-2025-60701

6.5CVSS0.00347EPSS

Exploits1References4

NVD•added 2025/11/13 6:15 p.m.•3 views

CVE-2025-60700

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and librcm.so binaries. The sub4455BC function in prog.cgi stores user-supplied SetDMZSettings/IPAddress values in NVRAM via nvramsafeset"dmzipaddr", .... These values are later...

6.5CVSS0.00347EPSS

Exploits1References4

NVD•added 2025/11/13 6:15 p.m.•1 views

CVE-2025-60698

7.3CVSS0.00964EPSS

Exploits1References4

Vulnrichment•added 2025/11/13 12:0 a.m.•2 views

CVE-2025-60697

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub4438A4 function in prog.cgi stores user-supplied DDNS parameters ServerAddress and Hostname in NVRAM via nvramsafeset. These values are later retrieved in th...

8.1AI score0.00964EPSS

Exploits1References4

Cvelist•added 2025/11/13 12:0 a.m.•4 views

CVE-2025-60701

0.00347EPSS

Exploits1References4

CNNVD•added 2025/11/13 12:0 a.m.•1 views

D-Link DIR-882 安全漏洞

The D-Link DIR-882 is a dual-band wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-882 DIR882A1FW102B02 version, which originates from a command injection in the prog.cgi and rc binaries, which could lead to the execution of arbitrary commands...

7.3CVSS7.5AI score0.00964EPSS

Exploits1References5

CVE•added 2025/11/13 12:0 a.m.•6 views

CVE-2025-60698

The CVE-2025-60698 issue affects D-Link DIR-882 router firmware DIR882A1_FW102B02, where SetSysLogSettings/IPAddress stored in NVRAM via nvram_safe_set can be read and concatenated into a shell command executed by twsystem() in the rc binary. The root cause is un-sanitized retrieval of nvram valu...

7.3CVSS8.1AI score0.00964EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/11/13 12:0 a.m.•3 views

CVE-2025-60698

8.1AI score0.00964EPSS

Exploits1References4

CNNVD•added 2025/11/13 12:0 a.m.•1 views

D-Link DIR-882 安全漏洞

The D-Link DIR-882 is a dual-band wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-882 DIR882A1FW102B02 version, which originates from a command injection in the prog.cgi and librcm.so binaries, which could lead to the execution of arbitrary commands...

6.5CVSS7.5AI score0.00347EPSS

Exploits1References5

CNNVD•added 2025/11/13 12:0 a.m.•1 views

D-Link DIR-882 安全漏洞

7.3CVSS7.5AI score0.00964EPSS

Exploits1References5

Vulnrichment•added 2025/11/13 12:0 a.m.•2 views

CVE-2025-60700

8.1AI score0.00347EPSS

Exploits1References4

Positive Technologies•added 2025/11/13 12:0 a.m.•2 views

PT-2025-46882

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware version DIR882A1 FW102B02 Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 432F60 function within the prog.cgi binary stores user-supplied SetSysLogSettings/IPAddress...

7.3CVSS8.2AI score0.00964EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by