Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dd-wrt dd-wrt 24 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2012-6297
Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.
Dd-wrt Dd-wrt 24
7.5
CVSSv2
CVE-2009-2766
httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote malicious users to change settings via HTTP requests.
Dd-wrt Dd-wrt 24
1 EDB exploit
6.8
CVSSv2
CVE-2008-6975
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentia...
Dd-wrt Dd-wrt 24
2 EDB exploits
8.3
CVSSv2
CVE-2009-2765
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote malicious users to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
Dd-wrt Dd-wrt
3 EDB exploits
6.8
CVSSv2
CVE-2008-6974
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the ad...
Dd-wrt Dd-wrt
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started