Skip to main content

Dir 846 Firmware

8 CVEs product

Monthly

CVE-2023-6580 HIGH POC This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Deserialization Dir 846 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
2.3%
CVE-2023-43284 HIGH POC This Week

D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link Dir 846 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-33735 CRITICAL POC THREAT Act Now

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
32.6%
CVE-2022-46642 CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.9
EPSS
3.1%
CVE-2022-46641 CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.9
EPSS
3.1%
CVE-2019-17510 CRITICAL POC Act Now

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.6%
CVE-2019-17509 CRITICAL POC Act Now

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2018-16408 HIGH POC This Week

D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.0
7.2
EPSS
4.7%
EPSS 2% CVSS 8.8
HIGH POC This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Deserialization Dir 846 Firmware
NVD GitHub VulDB
EPSS 2% CVSS 8.8
HIGH POC This Week

D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link Dir 846 Firmware
NVD GitHub
EPSS 33% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 846 Firmware
NVD GitHub
EPSS 3% CVSS 9.9
CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
EPSS 3% CVSS 9.9
CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection +1
NVD GitHub
EPSS 5% CVSS 7.2
HIGH POC This Week

D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link Command Injection +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy