DLINK - DSL-224 Post-auth RCE.DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API.It is possible to inject a command through this interface that will run with ROOT permissions on the router.
9.9CVSS
9.4AI Score
0.001EPSS
D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.
8.8CVSS
8.9AI Score
0.001EPSS
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts
9.8CVSS
9.5AI Score
0.001EPSS
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-...
5.3CVSS
5.3AI Score
0.001EPSS