DIR845L A1
by Dlink
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33113 | 0.04 | — | 0.03 | May 6, 2024 | D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. | |||
| CVE-2022-36756 | 0.01 | — | 0.03 | Aug 28, 2022 | DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | |||
| CVE-2024-33112 | 0.00 | — | 0.06 | May 6, 2024 | D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func. | |||
| CVE-2024-33111 | 0.00 | — | 0.01 | May 6, 2024 | D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. | |||
| CVE-2024-33110 | 0.00 | — | 0.01 | May 6, 2024 | D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component. | |||
| CVE-2022-38557 | 0.00 | — | 0.01 | Aug 28, 2022 | D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | |||
| CVE-2022-36755 | 0.00 | — | 0.01 | Aug 28, 2022 | D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. |
- CVE-2024-33113May 6, 2024risk 0.04cvss —epss 0.03
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.
- CVE-2022-36756Aug 28, 2022risk 0.01cvss —epss 0.03
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
- CVE-2024-33112May 6, 2024risk 0.00cvss —epss 0.06
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func.
- CVE-2024-33111May 6, 2024risk 0.00cvss —epss 0.01
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php.
- CVE-2024-33110May 6, 2024risk 0.00cvss —epss 0.01
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component.
- CVE-2022-38557Aug 28, 2022risk 0.00cvss —epss 0.01
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
- CVE-2022-36755Aug 28, 2022risk 0.00cvss —epss 0.01
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.