Lucene search
K

896 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.11 views

CVE-2026-4377

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.5AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42372

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

8.8CVSS5.5AI score0.003EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.12 views

CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS5.5AI score0.00461EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/05 4:45 p.m.9 views

CVE-2026-11341 D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References6
CVE
CVE
added 2026/06/05 4:45 p.m.22 views

CVE-2026-11341

The CVE-2026-11341 affects the D-Link DWR-M920 series up to firmware 1.1.50. The vulnerability is in the function sub_412DA0 of /boafrm/formIMEISetup, where improper handling of the IMEI_value enables an OS command injection. What is vulnerable: the specific function and file path in the device’s...

6.5CVSS6.4AI score0.01044EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/05 12:0 a.m.48 views

CVE-2026-10878 D-Link DWR-M920 formSmsManage sub_41C8E8 command injection

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

6.5CVSS0.04236EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

D-Link DWR-M920 命令注入漏洞

The D-Link DWR-M920 is a router produced by D-Link Corporation. Versions of the D-Link DWR-M920 prior to 1.1.50 contained a command injection vulnerability. This vulnerability stemmed from improper handling of the ussdValue parameter in the sub41CF20 function found in the /boafrm/formUSSDSetup...

8.8CVSS6.4AI score0.03133EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/28 12:30 p.m.17 views

EUVD-2026-32860

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.8AI score0.00141EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:2 a.m.22 views

CVE-2026-4377

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.8AI score0.00141EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

D-Link DWR-X1820 安全漏洞

The D-Link DWR-X1820 is a wireless router produced by D-Link Corporation. The D-Link DWR-X1820 has a security vulnerability. This vulnerability stems from the use of weak default passwords generated from the IMEI number, and no requirement is placed on users to change them. As a result, attackers...

6CVSS5.8AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2026/05/23 7:16 p.m.13 views

CVE-2018-25358

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

8.7CVSS0.00585EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.11 views

D-Link DIR-601 安全漏洞

The D-Link DIR-601 is a home wireless router produced by D-Link Corporation. The D-Link DIR-601 2.02NA version has a security vulnerability. This vulnerability arises from manipulating the tablename parameter in POST requests, which may allow unauthenticated attackers to retrieve sensitive...

8.7CVSS5.8AI score0.00585EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/11 11:15 p.m.8 views

CVE-2026-8346 D-Link DIR-816 portForward command injection

A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...

6.5CVSS6.5AI score0.03095EPSS
Exploits1References5
NVD
NVD
added 2026/05/11 10:22 p.m.19 views

CVE-2026-8344

A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

8.8CVSS0.03156EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2026-29113

D-Link DCS-932L v2.18.01 is vulnerable to Command Injection in the function sub42EF14 of the file /bin/alphapd. The manipulation of the argument LightSensorControl leads to command injection...

5.7AI score0.01235EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/05/11 10:16 a.m.103 views

Exploit for CVE-2026-8260

CVE-2026-8260 Overview A buffer overflow vulnerability af...

9CVSS7.6AI score0.00997EPSS
Exploits2
NVD
NVD
added 2026/05/05 8:16 p.m.10 views

CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS0.04164EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/05 5:45 p.m.13 views

CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

10CVSS7.7AI score0.01515EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer error vulnerability. This vulnerability arises from the function sprintf in the file yyxz.asp, where the handli...

8.6CVSS7.3AI score0.0408EPSS
Exploits1References1
NVD
NVD
added 2026/05/04 5:16 p.m.40 views

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS0.00472EPSS
Exploits1References1
Rows per page
Query Builder