CVE-2026-10060

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVE-2023-51984

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell...

The vulnerability of the SetStaticRouteIPv6Settings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetStaticRouteIPv6Settings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the failure of the system to properly validate the input data entered by the user when processing the StaticRouteIPv6List element. Exploiti...

CVE-2019-15528

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the Interface field to SetStaticRouteSettings...

CVE-2019-13128

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...

CVE-2019-8319

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...