VYPR

DIR-2150

by Dlink

CVEs (17)

  • CVE-2024-5291HigMay 23, 2024
    risk 0.57cvss 8.8epss 0.02

    D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this…

  • CVE-2023-34282HigMay 3, 2024
    risk 0.57cvss 8.8epss 0.01

    D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2150 routers. Authentication is not required to…

  • CVE-2023-34279HigMay 3, 2024
    risk 0.57cvss 8.8epss 0.01

    D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this…

  • CVE-2023-34274HigMay 3, 2024
    risk 0.57cvss 8.8epss 0.01

    D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2150 routers. Authentication is not…

  • CVE-2022-3210HigMar 29, 2023
    risk 0.57cvss 8.8epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP…

  • CVE-2022-40720HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd…

  • CVE-2022-40719HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the…

  • CVE-2022-40718HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…

  • CVE-2022-40717HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…

  • CVE-2023-44415HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.01

    D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this…

  • CVE-2023-34281HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit…

  • CVE-2023-34280HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit…

  • CVE-2023-34278HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to…

  • CVE-2023-34277HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to…

  • CVE-2023-34276HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to…

  • CVE-2023-34275HigMay 3, 2024
    risk 0.52cvss 8.0epss 0.02

    D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this…

  • CVE-2024-0717MedJan 19, 2024
    risk 0.36cvss 5.3epss 0.18

    A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S,…