Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2022
CVE-2021-46454
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanApcliSettings. This vulnerability allows attackers to execute arbitrary commands via the ApCliKeyStr parameter.
CVSS Score
9.8
EPSS Score
0.353
Published
2022-02-04
CVE-2021-46455
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStationSettings. This vulnerability allows attackers to execute arbitrary commands via the station_access_enable parameter.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04
CVE-2021-46456
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanACLSettings. This vulnerability allows attackers to execute arbitrary commands via the wl(0).(0)_maclist parameter.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04
CVE-2021-46457
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function ChgSambaUserSettings. This vulnerability allows attackers to execute arbitrary commands via the samba_name parameter.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04
CVE-2022-24142
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the firewallEn parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24143
Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24144
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters.
CVSS Score
9.8
EPSS Score
0.105
Published
2022-02-04
CVE-2022-24145
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formWifiBasicSet. This vulnerability allows attackers to cause a Denial of Service (DoS) via the security and security_5g parameters.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24146
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetQosBand. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2021-44882
D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.
CVSS Score
9.8
EPSS Score
0.087
Published
2022-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved