RSS   Vulnerabilities for 'Dir-868l firmware'   RSS

2019-05-13
 
CVE-2018-19988

CWE-78
 
 
In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. It needs to bypass the wget command option with a single quote. A vulnerable /HNAP1/SetClientInfoDemo XML message could have single quotes and backquotes in the AudioMute or AudioEnable element, such as the '`telnetd`' string.

 
 
CVE-2018-19987

CWE-78
 
 
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.

 
2018-05-09
 
CVE-2018-10957

CWE-352
 
 
CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.

 
2018-03-06
 
CVE-2018-6530

CWE-78
 
 
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.

 
 
CVE-2018-6529

CWE-79
 
 
XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi.

 
 
CVE-2018-6528

CWE-79
 
 
XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi.

 
 
CVE-2018-6527

CWE-79
 
 
XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi.

 
2016-08-25
 
CVE-2016-5681

 
 
Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.

 

 >>> Vendor: D-link 231 Products
Dl-704
Dwl-1000ap
Dp-303
Di-804
Dwl-900ap+
Di-614+
Di-624
Di-704p
Di-604
Dcs-900 internet camera
Dsl-502t
Dsl-504t
Dsl-562t
Dsl-g604t
Di-524
Di-784
Dwl-g700ap
Dsa-3100 airspot gateway
Dwl-2100ap
Di-604 broadband router
Ebr-2310 ethernet broadband router
Wbr-1310 wireless g router
Wbr-2310 rangebooster g router
Dsl-g624t
Dwl-g132
Dwl-2000ap+
Tftp server
Dph-540
Dph-541
Dir-100
Mpeg4 shm audio control
Dir-400
Dkvm-ip8
Dir-300
Camera stream client activex control
Dcs-5605 ptz ip network camera
Dsl-2730u
Dcs-932l camera
Dcs-932l camera firmware
Di-524up
Di-604+
Di-604s
Di-604up
Di-624s
Dir-120
Tm-g5240
Dsr-1000
Dsr-1000n
Dsr-150
Dsr-150n
Dsr-250
Dsr-500
Dsr-500n
Dsr-1000 firmware
Dsr-1000n firmware
Dsr-150 firmware
Dsr-150n firmware
Dsr-250 firmware
Dsr-250n firmware
Dsr-500 firmware
Dsr-500n firmware
Dsl-2640r
Dsl-2641r
Dap 2253
Dap 2253 firmware
Dir-505l shareport mobile companion
Dir-826l wireless n600 cloud router
Dir-505l shareport mobile companion firmware
Dir-826l wireless n600 cloud router firmware
Dap 1150
Dap 1150 firmware
Dap-1350
Dap-1350 firmware
Dir505 shareport mobile companion
Dsp-w215
Dir505 shareport mobile companion firmware
Dir505l shareport mobile companion firmware
Dsp-w215 firmware
Dir-601
Dir-601 firmware
Dsl-2760u-e1
Dir-645
Dir-645 firmware
Dsl2740u
Dsl2750u
Dcs-2103 hd cube network camera
Dcs-2103 hd cube network camera firmware
Dir-655
Dir-655 firmware
Dir-60
Dir-600 firmware
Dap-1360 firmware
Dsl-2730b firmware
Dcs-931l firmware
Dap-1320 firmware
Dcs-932l
Dcs-932l firmware
Dir-600l
Dir-605l
Dir-619l
See all Products for Vendor D-link

Copyright 2024, cxsecurity.com

 

Back to Top