Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dir\-882_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-17 | CVE-2024-48634 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the key parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2024-10-17 | CVE-2024-48635 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2024-10-17 | CVE-2024-48637 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2024-10-17 | CVE-2024-48636 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2024-10-17 | CVE-2024-48638 | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | Dir\-878_firmware, Dir\-882_firmware | N/A | ||
| 2022-11-22 | CVE-2022-44804 | D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. | Dir\-882_firmware | 9.8 | ||
| 2022-11-22 | CVE-2022-44806 | D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. | Dir\-882_firmware | 9.8 | ||
| 2022-11-22 | CVE-2022-44807 | D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. | Dir\-882_firmware | 9.8 | ||
| 2023-03-31 | CVE-2023-26925 | An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information. | Dir\-882_firmware | 7.5 | ||
| 2020-03-23 | CVE-2020-8863 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to escalate privileges and execute code in the context... | Dir\-867_firmware, Dir\-878_firmware, Dir\-882_firmware | 8.8 |