Skip to main content

Dir 645 Firmware

6 CVEs product

Monthly

CVE-2018-25115 CRITICAL POC Act Now

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 110 Firmware Dir 412 Firmware Dir 600 Firmware +4
NVD GitHub Exploit-DB
CVSS 4.0
10.0
EPSS
1.6%
CVE-2023-36089 CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 645 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-32092 CRITICAL POC Act Now

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 645 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
5.6%
CVE-2020-25786 MEDIUM POC This Month

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS D-Link PHP Dir 803 Firmware Dir 816L Firmware +4
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2015-2052 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

RCE D-Link Buffer Overflow Dir 645 Firmware
NVD
CVSS 2.0
10.0
EPSS
11.6%
CVE-2013-7389 MEDIUM POC PATCH THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 92.2%.

XSS PHP D-Link Dir 645 Firmware Dir 645
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
92.2%
Threat
5.1
EPSS 2% CVSS 10.0
CRITICAL POC Act Now

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dir 110 Firmware +6
NVD GitHub Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 645 Firmware
NVD
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 645 Firmware
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS D-Link PHP +6
NVD GitHub
EPSS 12% CVSS 10.0
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

RCE D-Link Buffer Overflow +1
NVD
EPSS 92% 5.1 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 92.2%.

XSS PHP D-Link +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy