4 matches found
CVE-2022-43632
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
PT-2022-5530 · D Link · D-Link Dir-1935
Name of the Vulnerable Software and Affected Versions: D-Link DIR-1935 version 1.03 Description: The issue is related to the SetQoSSettings function in the web management interface of D-Link DIR-1935 routers, which fails to properly clean input data in the user-supplied string when processing the...
CVE-2018-19989
In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth...
PT-2019-6335 · D Link · D-Link Dir-822
Name of the Vulnerable Software and Affected Versions: D-Link DIR-822 versions Rev.B 202KRb06 through Rev.C 3.10B06 Description: The issue is related to insufficient regular expression checking in the SetQoSSettings.php script of D-Link DIR-822 routers when handling the uplink parameter. This can...