Dir-846 Firmware Security Vulnerabilities and Issues — Dir-846 Firmware CVE List

Lucene search

DlinkDir-846 Firmware

6 matches found

CVE•added 2023/05/31 8:15 p.m.•132 views

CVE-2023-33735

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.

9.8CVSS9.6AI score0.74487EPSS

CVE•added 2022/02/17 9:15 p.m.•87 views

CVE-2021-46314

A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name.

9.8CVSS9.9AI score0.23473EPSS

CVE•added 2022/12/23 3:15 p.m.•59 views

CVE-2022-46642

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.

9.9CVSS9.8AI score0.01873EPSS

CVE•added 2022/12/23 3:15 p.m.•58 views

CVE-2022-46641

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.

9.9CVSS9.8AI score0.01873EPSS

CVE•added 2022/10/31 1:15 p.m.•35 views

CVE-2020-21016

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.

9.8CVSS9.8AI score0.04611EPSS

CVE•added 2023/12/07 10:15 p.m.•35 views

CVE-2023-6580

A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to deserialization. It is possible ...

9CVSS8.8AI score0.00152EPSS