Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-859 firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0769
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service wi...
Dlink Dir-859 Firmware 1.06
NA
CVE-2023-39638
D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 exists to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.
Dlink Dir-859 A1 Firmware 1.05
Dlink Dir-859 A1 Firmware 1.06
NA
CVE-2023-36092
Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote malicious users to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Dlink Dir-859 Firmware 1.05b03
NA
CVE-2022-46476
D-Link DIR-859 A1 1.05 exists to contain a command injection vulnerability via the service= variable in the soapcgi_main function.
Dlink Dir-859 A1 Firmware 1.05
7.1
CVSSv2
CVE-2022-25106
D-Link DIR-859 v1.05 exists to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted payload.
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 A3 Firmware 1.05
10
CVSSv2
CVE-2019-20215
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, ...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
10
CVSSv2
CVE-2019-20217
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr functi...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
10
CVSSv2
CVE-2019-20216
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr func...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
5
CVSSv2
CVE-2019-20213
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
Dlink Dir-859 Firmware
Dlink Dir-859 Firmware 1.06b01
Dlink Dir-822 Firmware
Dlink Dir-823 Firmware
Dlink Dir-865l Firmware
Dlink Dir-868l Firmware
Dlink Dir-869 Firmware
Dlink Dir-880l Firmware
Dlink Dir-890l Firmware
Dlink Dir-890r Firmware
Dlink Dir-885l Firmware
Dlink Dir-885r Firmware
Dlink Dir-895l Firmware
Dlink Dir-895r Firmware
Dlink Dir-818lx Firmware -
10
CVSSv2
CVE-2019-17621
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote malicious user to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local ne...
Dlink Dir-859 Firmware
Dlink Dir-859 Firmware 1.06b01
Dlink Dir-822 Firmware
Dlink Dir-823 Firmware
Dlink Dir-823 Firmware 1.00b06
Dlink Dir-865l Firmware
Dlink Dir-868l Firmware
Dlink Dir-869 Firmware
Dlink Dir-869 Firmware 1.03b02
Dlink Dir-880l Firmware
Dlink Dir-890l Firmware
Dlink Dir-890l Firmware 1.11b01
Dlink Dir-890r Firmware
Dlink Dir-890r Firmware 1.11b01
Dlink Dir-885l Firmware
Dlink Dir-885r Firmware
Dlink Dir-895l Firmware
Dlink Dir-895r Firmware
Dlink Dir-818lx Firmware -
7 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »