The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End ...
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.
9.8CVSS
9.5AI Score
0.002EPSS
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.
6.5CVSS
6.4AI Score
0.001EPSS
A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.
7.5CVSS
7.4AI Score
0.001EPSS
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.
9.8CVSS
9.5AI Score
0.001EPSS
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
9.8CVSS
9.4AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.004EPSS