Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dap\-1650_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-07-16 | CVE-2024-40505 | Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. | Dap\-1650_firmware | N/A | ||
| 2022-09-08 | CVE-2022-36588 | In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy. | Dap\-1650_firmware | 9.8 | ||
| 2024-01-26 | CVE-2024-23624 | A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root. | Dap\-1650_firmware | 9.8 | ||
| 2024-01-26 | CVE-2024-23625 | A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root. | Dap\-1650_firmware | 9.8 | ||
| 2020-12-30 | CVE-2019-12768 | An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing. | Dap\-1650_firmware | 9.8 | ||
| 2020-03-21 | CVE-2019-12767 | An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands. | Dap\-1650_firmware | N/A |