Vulnerabilities (CVE)

Filtered by vendor Dlink Subscribe
Filtered by product Dir-818lw
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13482 1 Dlink 2 Dir-818lw, Dir-818lw Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.
CVE-2019-13481 1 Dlink 2 Dir-818lw, Dir-818lw Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to SetWanSettings.
CVE-2019-12787 1 Dlink 2 Dir-818lw, Dir-818lw Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the Gateway key.
CVE-2019-12786 1 Dlink 2 Dir-818lw, Dir-818lw Firmware 2024-11-21 6.5 MEDIUM 8.8 HIGH
An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key.
CVE-2018-20114 1 Dlink 4 Dir-818lw, Dir-818lw Firmware, Dir-860l and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530.
CVE-2018-19987 2 D-link, Dlink 13 Dir-818lw Firmware, Dir-822 Firmware, Dir-860l Firmware and 10 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.
CVE-2018-19986 2 D-link, Dlink 4 Dir-818lw Firmware, Dir-822 Firmware, Dir-818lw and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $path_inf_wan1."/web" internal configuration memory without any regex checking. And in the IPTWAN_build_command function of the iptwan.php source code, the data in $path_inf_wan1."/web" is used with the iptables command without any regex checking. A vulnerable /HNAP1/SetRouterSettings XML message could have shell metacharacters in the RemotePort element such as the `telnetd` string.