Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2022
CVE-2021-46226
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function wget_test.asp. This vulnerability allows attackers to execute arbitrary commands via the url parameter.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04
CVE-2021-46227
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function proxy_client.asp. This vulnerability allows attackers to execute arbitrary commands via the proxy_srv, proxy_srvport, proxy_lanip, proxy_lanport parameters.
CVSS Score
9.8
EPSS Score
0.139
Published
2022-02-04
CVE-2021-46228
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function httpd_debug.asp. This vulnerability allows attackers to execute arbitrary commands via the time parameter.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04
CVE-2021-46229
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function usb_paswd.asp. This vulnerability allows attackers to execute arbitrary commands via the name parameter.
CVSS Score
9.8
EPSS Score
0.056
Published
2022-02-04
CVE-2021-46230
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function upgrade_filter. This vulnerability allows attackers to execute arbitrary commands via the path and time parameters.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04
CVE-2021-46231
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function urlrd_opt.asp. This vulnerability allows attackers to execute arbitrary commands via the url_en parameter.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04
CVE-2021-46232
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function version_upgrade.asp. This vulnerability allows attackers to execute arbitrary commands via the path parameter.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04
CVE-2021-46233
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function msp_info.htm. This vulnerability allows attackers to execute arbitrary commands via the cmd parameter.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04
CVE-2021-46452
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via the tomography_ping_address, tomography_ping_number, tomography_ping_size, tomography_ping_timeout, and tomography_ping_ttl parameters.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04
CVE-2021-46453
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStaticRouteSettings. This vulnerability allows attackers to execute arbitrary commands via the staticroute_list parameter.
CVSS Score
9.8
EPSS Score
0.059
Published
2022-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved