CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2024-5291 affects D-Link DIR-2150. The vulnerability resides in the SOAP API interface listening on TCP port 80, where insufficient validation of a user-supplied string before executing a system call allows network-adjacent attackers to achieve remote code execution in the router context (roo...

8.8CVSS9.2AI score0.04555EPSS

Exploits0References1Affected Software1

NVD•added 2024/05/03 2:15 a.m.•13 views

CVE-2023-34275

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the...

8CVSS7.2AI score0.00184EPSS

Exploits0References1

Zero Day Initiative•added 2023/05/15 12:0 a.m.•29 views

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP A...

6.8CVSS7.4AI score0.00184EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by