VYPR

DI-7200GV2

by Dlink

CVEs (18)

  • CVE-2023-45577CriOct 16, 2023
    risk 0.64cvss 9.8epss 0.01

    Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1…

  • CVE-2023-45573CriOct 16, 2023
    risk 0.64cvss 9.8epss 0.01

    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and…

  • CVE-2023-43201CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the hi_up parameter in the qos_ext.asp function.

  • CVE-2023-43200CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the id parameter in the yyxz.data function.

  • CVE-2023-43199CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.

  • CVE-2023-43198CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.

  • CVE-2023-43197CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.

  • CVE-2023-43196CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.

  • CVE-2021-46233CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function msp_info.htm. This vulnerability allows attackers to execute arbitrary commands via the cmd parameter.

  • CVE-2021-46232CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function version_upgrade.asp. This vulnerability allows attackers to execute arbitrary commands via the path parameter.

  • CVE-2021-46231CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function urlrd_opt.asp. This vulnerability allows attackers to execute arbitrary commands via the url_en parameter.

  • CVE-2021-46230CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function upgrade_filter. This vulnerability allows attackers to execute arbitrary commands via the path and time parameters.

  • CVE-2021-46229CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function usb_paswd.asp. This vulnerability allows attackers to execute arbitrary commands via the name parameter.

  • CVE-2021-46228CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function httpd_debug.asp. This vulnerability allows attackers to execute arbitrary commands via the time parameter.

  • CVE-2021-46227CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.05

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function proxy_client.asp. This vulnerability allows attackers to execute arbitrary commands via the proxy_srv, proxy_srvport, proxy_lanip, proxy_lanport parameters.

  • CVE-2021-46226CriFeb 4, 2022
    risk 0.64cvss 9.8epss 0.04

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function wget_test.asp. This vulnerability allows attackers to execute arbitrary commands via the url parameter.

  • CVE-2024-44334HigSep 9, 2024
    risk 0.60cvss 8.8epss 0.32

    D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of…

  • CVE-2024-44335HigSep 9, 2024
    risk 0.58cvss 8.8epss 0.12

    D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution (RCE) via version_upgrade.asp.