An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.
9.8CVSS
9.6AI Score
0.003EPSS
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
9.8CVSS
9.6AI Score
0.005EPSS
In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
9.8CVSS
9.6AI Score
0.003EPSS
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
9.8CVSS
9.8AI Score
0.002EPSS
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
9.8CVSS
9.8AI Score
0.002EPSS