CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

KASDA KW5515 安全漏洞

KASDA KW5515 is a wireless router from KASDA. A security vulnerability exists in KASDA KW5515 v1.7 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands via cgi parameters...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

PT-2024-8579 · D Link · D-Link Di-8400

Name of the Vulnerable Software and Affected Versions: D-LINK DI-8400 version 16.07.26A1 Description: The issue is related to the msp info htm function in the D-LINK DI-8400 router's firmware, which does not properly neutralize special elements used in a command. This can be exploited by a remote...

CVE-2024-52739

CVE-2024-52739 affects the D-LINK DI-8400 router with firmware v16.07.26A1. The issue is multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function, exploitable via the flag and cmd parameters due to improper handling. The documented impact is remote arbitrary command ex...

D-Link DI-8400 安全漏洞

The D-LINK DI-8400 is an American D-Link router device for home and small business network connectivity. Multiple remote command execution vulnerabilities exist in the mspinfohtm function in the D-LINK DI-8400 version v16.07.26A1 via the flag and cmd parameters. A remote attacker can exploit this...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

CVE-2024-51151 affects the D-Link DI-8200 with firmware 16.07.26A1. The vulnerability is a remote command execution in the msp_info_htm function, exploitable via the flag parameter and the cmd parameter. The connected documents consistently describe this issue as a command injection/remotely expl...

The vulnerability in the ap_mode.cgi script of NETGEAR’s router microprogramming devices R8500, XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability of the apmode.cgi script in NETGEAR’s router microprogramming devices such as R8500, XR300, R7000P, and R6400 v2 lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the apmodegateway parameter. Exploiting this...

The vulnerability of the ccmdebug_m() function in the microprogramming software for the Annke Crater 2 (F300) camera allows a intruder to execute arbitrary commands.

The vulnerability of the ccmdebugm function in the Annke Crater 2 F300 IP camera software lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a...

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR R8500 router software allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR R8500 router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the sharename parameter. Exploiting this vulnerability allows a remote attacker...

The vulnerability of the wiz_fix2.cgi script of the Netgear R8500 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the wizfix2.cgi microprogramming software for Netgear R8500 routers lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability in the genie_fix2.cgi microprogramming software of Netgear R8500’s routers allows a hacker to execute arbitrary commands.

The vulnerability of the geniefix2.cgi microprogramming software for Netgear R8500 routers lies in the lack of measures to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remote attacker to execut...

The vulnerability of the doOpenVPN() function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers allows a hacker to execute arbitrary commands.

The vulnerability of the doOpenVPN function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers is related to the failure to eliminate the and & elements used in the operating system’s command when processing the action parameter. Exploiting this...

The vulnerability in the genie_dyn.cgi script of the Netgear XR300 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the geniedyn.cgi script of the Netgear XR300 router software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the parameter systemname. Exploiting this vulnerability allows a remote attacker to execute arbitrar...

The vulnerability in the genie_fix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability of the geniefix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 lies in the lack of measures taken to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remot...

The vulnerability of the set_ap_map_config() function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setapmapconfig function in the mainfunction.cgi script of the DrayTek Vigor 3900, Vigor 2960, and Vigor 300B routers relates to the failure to eliminate the and & elements used in the operating system’s command when processing the action parameter. Exploiting this...

The vulnerability in the web interface for managing Ethernet switches of Palo Alto Networks, which is controlled by the PAN-OS operating system, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Web interface for managing Ethernet switches in Palo Alto Networks, which is controlled by the PAN-OS operating system, stems from the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a...

The vulnerability of Geovision GV-VS12, GV-VS11, GV-DSP LPR V3, GVLX 4, and GVLX 4 IP video server microprogramming systems arises from the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of Geovision GV-VS12, GV-VS11, GV-DSP LPR V3, GVLX 4, and GVLX 4 microprogrammed software for IP video servers is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor ...