Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dir\-878_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 34 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-17 | CVE-2024-48638 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2022-11-22 | CVE-2022-44202 | D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. | Dir\-878_firmware | 9.8 | ||
| 2022-11-22 | CVE-2022-44801 | D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. | Dir\-878_firmware | 9.8 | ||
| 2023-04-07 | CVE-2023-24798 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | Dir\-878_firmware | 9.8 | ||
| 2023-04-07 | CVE-2023-24799 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | Dir\-878_firmware | 9.8 | ||
| 2023-04-07 | CVE-2023-24800 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | Dir\-878_firmware | 9.8 | ||
| 2023-04-09 | CVE-2023-27720 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | Dir\-878_firmware | 9.8 | ||
| 2020-03-23 | CVE-2020-8863 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to escalate privileges and execute code in the context... | Dir\-867_firmware, Dir\-878_firmware, Dir\-882_firmware | 8.8 | ||
| 2020-03-23 | CVE-2020-8864 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of empty passwords. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9471. | Dir\-867_firmware, Dir\-878_firmware, Dir\-882_firmware | 8.8 | ||
| 2021-04-02 | CVE-2021-30072 | An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication. | Dir\-878_firmware | 9.8 |