lonelylonglong/openfile-

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-44401 ↗	Sep 6, 2024Friday, 6 September 2024, 16:15	9.8 CRITICAL	—
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file
CVE-2024-44402 ↗	Sep 6, 2024Friday, 6 September 2024, 16:15	9.8 CRITICAL	—
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
CVE-2024-44408 ↗	Sep 6, 2024Friday, 6 September 2024, 16:15	7.5 HIGH	—
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords.
CVE-2024-44400 ↗	Sep 4, 2024Wednesday, 4 September 2024, 13:15	9.8 CRITICAL	—
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.