Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

dlink dap-1860 firmware vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3

CVE-2019-19598

D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this...
Dlink Dap-1860 Firmware 1.01b06Dlink Dap-1860 Firmware 1.02b01Dlink Dap-1860 Firmware 1.04b01
8.8
CVSSv3

CVE-2019-19597

D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
Dlink Dap-1860 Firmware 1.01b06Dlink Dap-1860 Firmware 1.02b01Dlink Dap-1860 Firmware 1.04b01
8.8
CVSSv3

CVE-2023-45208

A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 up to and including 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafte...
Dlink Dap-1860 Firmware 1.00Dlink Dap-1860 Firmware 1.01b05-01Dlink Dap-1860 Firmware 1.01b94
8.8
CVSSv3

CVE-2020-27864

This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP servic...
Dlink Dap-1860 Firmware
8
CVSSv3

CVE-2020-15631

This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypasse...
Dlink Dap-1860 Firmware
8.8
CVSSv3

CVE-2020-27865

This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd serv...
Dlink Dap-1860 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRFserver-side request forgeryCVE-2024-30067CVE-2024-5553CVE-2024-30095IDORCVE-2024-35252CVE-2024-23692CVE-2024-27801
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook