Dir-882 Firmware Security Vulnerabilities and Issues — Dir-882 Firmware CVE List

Lucene search

DlinkDir-882 Firmware

26 matches found

CVE•added 2024/01/19 4:15 p.m.•120 views

CVE-2024-0717

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-...

5.3CVSS5.3AI score0.19519EPSS

CVE•added 2022/04/11 8:15 p.m.•84 views

CVE-2022-1262

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.

7.8CVSS8AI score0.00406EPSS

CVE•added 2022/05/10 2:15 p.m.•73 views

CVE-2022-28901

A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.

10CVSS9.6AI score0.33425EPSS

CVE•added 2022/05/10 2:15 p.m.•68 views

CVE-2022-28896

A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.

10CVSS9.6AI score0.33425EPSS

CVE•added 2022/05/02 1:15 p.m.•67 views

CVE-2022-28571

D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr/bin/cli.

9.8CVSS9.7AI score0.17842EPSS

CVE•added 2022/05/10 2:15 p.m.•64 views

CVE-2022-28895

A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.

10CVSS9.6AI score0.33425EPSS

CVE•added 2022/02/04 2:15 a.m.•59 views

CVE-2021-44880

D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.

10CVSS9.9AI score0.16649EPSS

CVE•added 2022/02/04 2:15 a.m.•58 views

CVE-2021-44881

D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.

10CVSS9.8AI score0.08686EPSS

CVE•added 2020/03/23 9:15 p.m.•50 views

CVE-2020-8863

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login req...

8.8CVSS9AI score0.01769EPSS

CVE•added 2020/03/23 9:15 p.m.•49 views

CVE-2020-8864

8.8CVSS9.1AI score0.11332EPSS

CVE•added 2022/02/04 2:15 a.m.•48 views

CVE-2021-45998

D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.

9.8CVSS9.8AI score0.07868EPSS

CVE•added 2022/11/22 3:15 p.m.•46 views

CVE-2022-44804

D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.

9.8CVSS9.4AI score0.00474EPSS

CVE•added 2022/11/22 3:15 p.m.•46 views

CVE-2022-44806

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.

9.8CVSS9.4AI score0.01957EPSS

CVE•added 2022/11/22 3:15 p.m.•43 views

CVE-2022-44807

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.

9.8CVSS9.4AI score0.00474EPSS

CVE•added 2024/10/17 6:15 p.m.•43 views

CVE-2024-48629

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2024/10/17 6:15 p.m.•42 views

CVE-2024-48632

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command injection vulnerabilities via the LocalIPAddress, TCPPorts, and UDPPorts parameters in the SetPortForwardingSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a ...

8CVSS8.7AI score0.00733EPSS

CVE•added 2024/10/17 6:15 p.m.•42 views

CVE-2024-48633

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command injection vulnerabilities via the ExternalPort, InternalPort, ProtocolNumber, and LocalIPAddress parameters in the SetVirtualServerSettings function. This vulnerability allows attackers to execute arbit...

8CVSS8.7AI score0.00733EPSS

CVE•added 2024/10/17 6:15 p.m.•41 views

CVE-2024-48634

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the key parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.00733EPSS

CVE•added 2024/10/17 6:15 p.m.•41 views

CVE-2024-48638

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2024/10/17 6:15 p.m.•39 views

CVE-2024-48630

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the MacAddress parameter in the SetMACFilters2 function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.00733EPSS

CVE•added 2024/10/17 6:15 p.m.•38 views

CVE-2024-48635

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2024/10/17 6:15 p.m.•36 views

CVE-2024-48636

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2023/03/31 7:15 p.m.•34 views

CVE-2023-26925

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information.

7.5CVSS7.1AI score0.01072EPSS

CVE•added 2024/10/17 6:15 p.m.•34 views

CVE-2024-48637

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2024/10/17 6:15 p.m.•33 views

CVE-2024-48631

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

8CVSS8.7AI score0.01787EPSS

CVE•added 2024/02/21 9:15 p.m.•31 views

CVE-2023-24330

Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/.

8.8CVSS7.6AI score0.00951EPSS