Skip to main content

Dir 550A Firmware

2 CVEs product

Monthly

CVE-2018-10968 CRITICAL Act Now

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 550A Firmware Dir 604M Firmware
NVD
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-10967 HIGH This Week

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE D-Link Command Injection Dir 550A Firmware Dir 604M Firmware
NVD
CVSS 3.0
8.8
EPSS
3.8%
EPSS 2% CVSS 9.8
CRITICAL Act Now

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 550A Firmware +1
NVD
EPSS 4% CVSS 8.8
HIGH This Week

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE D-Link Command Injection +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy