Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Dir-878 firmware'
2019-02-12
CVE-2019-8319
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteIPv4Settings API function, as demonstrated by shell metacharacters in the Gateway field.
CVE-2019-8318
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetSysEmailSettings API function, as demonstrated by shell metacharacters in the SMTPServerPort field.
CVE-2019-8317
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteIPv6Settings API function, as demonstrated by shell metacharacters in the DestNetwork field.
CVE-2019-8316
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetWebFilterSettings API function, as demonstrated by shell metacharacters in the WebFilterURLs field.
CVE-2019-8315
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetIPv4FirewallSettings API function, as demonstrated by shell metacharacters in the SrcIPv4AddressRangeStart field.
CVE-2019-8314
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetQoSSettings API function, as demonstrated by shell metacharacters in the IPAddress field.
CVE-2019-8313
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetIPv6FirewallSettings API function, as demonstrated by shell metacharacters in the SrcIPv6AddressRangeStart field.
CVE-2019-8312
CWE-77
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the twsystem function with untrusted input from the request body for the SetSysLogSettings API function, as demonstrated by shell metacharacters in the IPAddress field.
>>>
Vendor:
Dlink
94
Produkty
Mpeg4 viewer activex control
Dir-615
Dcs-2121 firmware
Dcs-2121
Des-3800 firmware
Dwl-2100ap firmware
Dwl-3200ap firmware
Des-3800
Dwl-2100ap
Dwl-3200ap
Dir-685
Dsl-2640b
Dsl-2640b firmware
Dcs-2000
Dcs-5300
Dcs-900
Des-3810
Des-3810 firmware
Dsl-2740b
Dsl-2740b firmware
Dir865l
Dir865l firmware
Dsl-2760u
Des-3810-28
Des-3810-28 firmware
Dwr-932b firmware
Websmart dgs-1510 series firmware
Dsl-2730u firmware
Dwr-116 firmware
Dir-600m firmware
Dir-605l firmware
Dwr-933 firmware
Dir-601 firmware
Dir-620 firmware
Dir-818l(w) firmware
Dir-822 firmware
Dir-823 firmware
Dir-850l firmware
Dir-868l firmware
Dir-880l firmware
Dir-885l firmware
Dir-890l firmware
Dir-895l firmware
Dir-615 firmware
Eyeon baby monitor firmware
Dcm-604 firmware
Dcm-704 firmware
Dir-818lw firmware
Dir-860l firmware
Dir-140l firmware
Dir-640l firmware
Dsl-2770l firmware
Dwr-512 firmware
Dwr-555 firmware
Dwr-921 firmware
Dir-822-us firmware
Dir-823g firmware
Dva-5592 firmware
Dir-878 firmware
Central wifimanager
Dir-816 firmware
Dsl-3782 firmware
Dir-816l firmware
Dir-817lw firmware
Di-524 firmware
Dcs-5009l firmware
Dcs-5010l firmware
Dcs-5020l firmware
Dcs-5025l firmware
Dcs-5030l firmware
Dcs-930l firmware
Dcs-931l firmware
Dcs-932l firmware
Dcs-933l firmware
Dcs-934l firmware
Dir-300 firmware
Dir-865 firmware
Dcs-1130 firmware
Dcs-1100 firmware
Dir-655 firmware
Dsl-2750u firmware
6600-ap firmware
Dwl-3600ap firmware
Dwl-8610ap firmware
Dir-806 firmware
Dns-320 firmware
Dhp-1565 firmware
Dir-652 firmware
Dir-866l firmware
Dir-816 a1 firmware
Dir-846 firmware
Dap-1320 a2 firmware
Dir-850l a firmware
Dir-859 a3 firmware
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Dir-878 firmware' 
Polish
English