Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dap-1860 firmware vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-19598
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this...
Dlink Dap-1860 Firmware 1.01b06
Dlink Dap-1860 Firmware 1.02b01
Dlink Dap-1860 Firmware 1.04b01
8.8
CVSSv3
CVE-2019-19597
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
Dlink Dap-1860 Firmware 1.01b06
Dlink Dap-1860 Firmware 1.02b01
Dlink Dap-1860 Firmware 1.04b01
8.8
CVSSv3
CVE-2023-45208
A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 up to and including 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafte...
Dlink Dap-1860 Firmware 1.00
Dlink Dap-1860 Firmware 1.01b05-01
Dlink Dap-1860 Firmware 1.01b94
8.8
CVSSv3
CVE-2020-27864
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP servic...
Dlink Dap-1860 Firmware
8
CVSSv3
CVE-2020-15631
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypasse...
Dlink Dap-1860 Firmware
8.8
CVSSv3
CVE-2020-27865
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd serv...
Dlink Dap-1860 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started