DIR820LA1
by Dlink
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-25280 | Cri | 0.84 | 9.8 | 0.98 | KEV | Mar 16, 2023 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. | |
| CVE-2022-26258 | Cri | 0.82 | 9.8 | 0.81 | KEV | Mar 28, 2022 | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | |
| CVE-2023-25279 | Cri | 0.66 | 9.8 | 0.32 | Mar 13, 2023 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. | ||
| CVE-2024-48150 | Cri | 0.64 | 9.8 | 0.01 | Oct 14, 2024 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function. | ||
| CVE-2023-44809 | Cri | 0.64 | 9.8 | 0.01 | Oct 16, 2023 | D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. | ||
| CVE-2023-44808 | Cri | 0.64 | 9.8 | 0.01 | Oct 16, 2023 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. | ||
| CVE-2023-44807 | Cri | 0.64 | 9.8 | 0.01 | Oct 6, 2023 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | ||
| CVE-2025-52079 | Hig | 0.57 | 8.8 | 0.00 | Oct 21, 2025 | The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp. | ||
| CVE-2024-51186 | Hig | 0.52 | 8.0 | 0.01 | Nov 11, 2024 | D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. | ||
| CVE-2022-34973 | Hig | 0.50 | 7.5 | 0.15 | Aug 3, 2022 | D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp. | ||
| CVE-2023-25281 | Hig | 0.49 | 7.5 | 0.01 | Mar 16, 2023 | A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | ||
| CVE-2023-25283 | Hig | 0.49 | 7.5 | 0.01 | Mar 13, 2023 | A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | ||
| CVE-2023-25282 | Med | 0.42 | 6.5 | 0.01 | Mar 15, 2023 | A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. |
- risk 0.84cvss 9.8epss 0.98
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
- risk 0.82cvss 9.8epss 0.81
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
- risk 0.66cvss 9.8epss 0.32
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.
- risk 0.64cvss 9.8epss 0.01
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function.
- risk 0.64cvss 9.8epss 0.01
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
- risk 0.64cvss 9.8epss 0.01
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
- risk 0.64cvss 9.8epss 0.01
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.
- risk 0.57cvss 8.8epss 0.00
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.
- risk 0.52cvss 8.0epss 0.01
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions.
- risk 0.50cvss 7.5epss 0.15
D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp.
- risk 0.49cvss 7.5epss 0.01
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
- risk 0.49cvss 7.5epss 0.01
A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.
- risk 0.42cvss 6.5epss 0.01
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.