Vulnerabilities (CVE)

Filtered by vendor Dlink Subscribe
Filtered by product Dap-1650 Firmware
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-23625 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 8.3 HIGH 9.6 CRITICAL
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2024-23624 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 8.3 HIGH 9.6 CRITICAL
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2022-36588 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 N/A 9.8 CRITICAL
In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2019-12768 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
CVE-2019-12767 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.