DIR-846

CVEs (7)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2023-33735	Dlink DIR-846W	0.04	—	0.53	May 31, 2023	D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.
CVE-2022-46552	Dlink Dir 809 Firmware	0.04	—	0.19	Feb 2, 2023	D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
CVE-2023-43284	Dlink DIR-846	0.03	—	0.38	Oct 5, 2023	D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.
CVE-2024-0717	Dlink Dir 615	0.02	—	0.28	Jan 19, 2024	A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,…
CVE-2022-46641	Dlink DIR-846W	0.01	—	0.07	Dec 23, 2022	D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.
CVE-2022-46642	Dlink DIR-846W	0.01	—	0.07	Dec 23, 2022	D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.
CVE-2020-21016	Dlink DIR-846W	0.01	—	0.10	Oct 31, 2022	D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.

CVE-2023-33735May 31, 2023
Dlink
DIR-846W
risk 0.04cvss —epss 0.53
D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.
CVE-2022-46552Feb 2, 2023
Dlink
Dir 809 Firmware
risk 0.04cvss —epss 0.19
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
CVE-2023-43284Oct 5, 2023
Dlink
DIR-846
risk 0.03cvss —epss 0.38
D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.
CVE-2024-0717Jan 19, 2024
Dlink
Dir 615
risk 0.02cvss —epss 0.28
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,…
CVE-2022-46641Dec 23, 2022
Dlink
DIR-846W
risk 0.01cvss —epss 0.07
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.
CVE-2022-46642Dec 23, 2022
Dlink
DIR-846W
risk 0.01cvss —epss 0.07
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.
CVE-2020-21016Oct 31, 2022
Dlink
DIR-846W
risk 0.01cvss —epss 0.10
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.