CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2021-33118

Malicious code in bioql PyPI...

9.8CVSS9.5AI score0.08692EPSS

Exploits1References2

BDU FSTEC•added 2023/02/06 12:0 a.m.•1 views

The vulnerability of the UPGCGI_CheckAuth() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a hacker to execute arbitrary code.

The vulnerability of the UPGCGICheckAuth function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to numerical truncation errors during the processing of the binary file webupg. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS5.9AI score

Exploits0References2Affected Software2

ATTACKERKB•added 2022/04/27 11:15 a.m.•4 views

CVE-2021-46442

In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization...

9.8CVSS7.8AI score0.08692EPSS

Exploits1References3

NVD•added 2022/04/27 11:15 a.m.•8 views

CVE-2021-46441

In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization...

9CVSS0.18266EPSS

Exploits1References2

Cvelist•added 2022/04/27 10:12 a.m.•13 views

CVE-2021-46441

In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization...

9.6AI score0.18266EPSS

Exploits1References2

Cvelist•added 2022/04/27 10:10 a.m.•18 views

CVE-2021-46442

10AI score0.08692EPSS

Exploits1References2

CNNVD•added 2022/04/27 12:0 a.m.•3 views

D-Link DIR-825 G1 操作系统命令注入漏洞

The DIR-825 G1 is a router from D-Link in Taiwan, China. A command injection vulnerability exists in the D-Link DIR-825 G1 firmware version, which stems from a lack of parameter validation in the "webupg" binary file. The vulnerability can be exploited to execute arbitrary system commands with th...

9CVSS6.1AI score0.18266EPSS

Exploits1References3

NVD•added 2022/03/27 8:15 p.m.•10 views

CVE-2021-44127

In DLink DAP-1360 F1 firmware version =v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized...

10CVSS0.13515EPSS

Exploits1References2