Lucene search

Dap-1650 Firmware Security Vulnerabilities

cve

CVE-2019-12767

An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.

9.8CVSS

9.6AI Score

0.003EPSS

2020-03-21 01:15 AM

110

cve

CVE-2019-12768

An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.

9.8CVSS

9.6AI Score

0.005EPSS

2020-12-30 08:15 PM

cve

CVE-2022-36588

In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.

9.8CVSS

9.6AI Score

0.003EPSS

2022-09-08 12:15 AM

cve

CVE-2024-23624

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

9.8CVSS

9.8AI Score

0.002EPSS

2024-01-26 12:15 AM

cve

CVE-2024-23625

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

9.8CVSS

9.8AI Score

0.002EPSS

2024-01-26 12:15 AM