Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2024/07/12 12:0 a.m.1 views

D-Link DIR-2640 Authentication Bypass Vulnerability

The D-Link DIR-2640 is a high power Wi-Fi router manufactured by the Chinese company AUO D-Link, which is mainly used to provide wireless network connectivity. The D-Link DIR-2640 suffers from an authentication bypass vulnerability that stems from the HNAP PrivateLogin authentication bypass...

6.5CVSS7.1AI score0.00938EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2023/05/04 12:0 a.m.22 views

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. ...

6.5CVSS6.9AI score0.00938EPSS
Exploits0References1
NVD
NVDadded 2021/11/04 11:15 a.m.10 views

CVE-2020-25368

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login...

9.8CVSS0.34398EPSS
Exploits1References3
Prion
Prionadded 2021/11/04 11:15 a.m.13 views

Command injection

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login...

7.5CVSS9.7AI score0.34398EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2021/11/04 10:19 a.m.12 views

CVE-2020-25368

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login...

9.7AI score0.34398EPSS
Exploits1References3
CNNVD
CNNVDadded 2021/11/04 12:0 a.m.3 views

D-Link DIR-823G 命令注入漏洞

The D-Link DIR-823G is an AC1200M dual-band gigabit wireless router.A command injection vulnerability exists in the HNAP1 protocol of the D-Link DIR-823G version 1.0.2B05. The vulnerability can be exploited to execute arbitrary web scripts via shell meta characters in the PrivateLogin field of th...

9.8CVSS6.1AI score0.34398EPSS
Exploits1References4
CNVD
CNVDadded 2021/08/30 12:0 a.m.15 views

D-Link DIR-2055 HNAP PrivateLogin incorrect authentication algorithm implements authentication bypass vulnerability

D-Link DIR-2055 is a router device. a security vulnerability exists in the D-Link DIR-2055 HNAP PrivateLogin authentication algorithm, which can be exploited by attackers to escalate privileges and execute arbitrary code in the router context...

4.7AI score
Exploits0References1
Rows per page
Query Builder