Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-859 firmware 1.06b01 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0769
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service wi...
Dlink Dir-859 Firmware 1.06
NA
CVE-2023-39638
D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 exists to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.
Dlink Dir-859 A1 Firmware 1.05
Dlink Dir-859 A1 Firmware 1.06
10
CVSSv2
CVE-2019-20215
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, ...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
10
CVSSv2
CVE-2019-20217
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr functi...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
10
CVSSv2
CVE-2019-20216
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote malicious users to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr func...
Dlink Dir-859 Firmware 1.05
Dlink Dir-859 Firmware 1.06b01
1 Github repository
5
CVSSv2
CVE-2019-20213
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
Dlink Dir-859 Firmware
Dlink Dir-859 Firmware 1.06b01
Dlink Dir-822 Firmware
Dlink Dir-823 Firmware
Dlink Dir-865l Firmware
Dlink Dir-868l Firmware
Dlink Dir-869 Firmware
Dlink Dir-880l Firmware
Dlink Dir-890l Firmware
Dlink Dir-890r Firmware
Dlink Dir-885l Firmware
Dlink Dir-885r Firmware
Dlink Dir-895l Firmware
Dlink Dir-895r Firmware
Dlink Dir-818lx Firmware -
10
CVSSv2
CVE-2019-17621
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote malicious user to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local ne...
Dlink Dir-859 Firmware
Dlink Dir-859 Firmware 1.06b01
Dlink Dir-822 Firmware
Dlink Dir-823 Firmware
Dlink Dir-823 Firmware 1.00b06
Dlink Dir-865l Firmware
Dlink Dir-868l Firmware
Dlink Dir-869 Firmware
Dlink Dir-869 Firmware 1.03b02
Dlink Dir-880l Firmware
Dlink Dir-890l Firmware
Dlink Dir-890l Firmware 1.11b01
Dlink Dir-890r Firmware
Dlink Dir-890r Firmware 1.11b01
Dlink Dir-885l Firmware
Dlink Dir-885r Firmware
Dlink Dir-895l Firmware
Dlink Dir-895r Firmware
Dlink Dir-818lx Firmware -
7 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started