migraine-sudo/D_Link_Vuln

Releases0

Stars6

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-25280 ↗	Mar 16, 2023Thursday, 16 March 2023, 01:15	9.8 CRITICAL	—
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
CVE-2023-25281 ↗	Mar 16, 2023Thursday, 16 March 2023, 01:15	7.5 HIGH	—
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
CVE-2023-25282 ↗	Mar 15, 2023Wednesday, 15 March 2023, 19:15	6.5 MEDIUM	—
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.
CVE-2023-25279 ↗	Mar 13, 2023Monday, 13 March 2023, 19:15	9.8 CRITICAL	—
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.
CVE-2023-25283 ↗	Mar 13, 2023Monday, 13 March 2023, 12:15	7.5 HIGH	—
A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.
CVE-2022-48107 ↗	Jan 27, 2023Friday, 27 January 2023, 21:15	9.8 CRITICAL	—
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-48108 ↗	Jan 27, 2023Friday, 27 January 2023, 21:15	9.8 CRITICAL	—
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload.