DIR850
by Dlink
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-17508 | 0.08 | — | 0.16 | Oct 11, 2019 | On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable. | |||
| CVE-2021-46379 | 0.07 | — | 0.16 | Mar 4, 2022 | DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | |||
| CVE-2021-46378 | 0.06 | — | 0.32 | Mar 4, 2022 | DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download. |
- CVE-2019-17508Oct 11, 2019risk 0.08cvss —epss 0.16
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable.
- CVE-2021-46379Mar 4, 2022risk 0.07cvss —epss 0.16
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site.
- CVE-2021-46378Mar 4, 2022risk 0.06cvss —epss 0.32
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.