Dlink: >> Dir-845l Firmware Security Vulnerabilities
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-05-06
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php.
CVSS Score
5.4
EPSS Score
0.01
Published
2024-05-06
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func.
CVSS Score
7.5
EPSS Score
0.013
Published
2024-05-06
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.
CVSS Score
5.3
EPSS Score
0.379
Published
2024-05-06
A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-03-22
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function.
CVSS Score
9.0
EPSS Score
0.087
Published
2024-03-22
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
CVSS Score
9.8
EPSS Score
0.202
Published
2022-08-28
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-28
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
CVSS Score
9.8
EPSS Score
0.02
Published
2022-08-28