Dlink Dap-1325 Firmware vulnerabilities
37 known vulnerabilities affecting dlink/dap-1325_firmware.
Total CVEs
37
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH36MEDIUM1
Vulnerabilities
Page 2 of 2
CVE-2023-41201HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41201 [HIGH] CWE-78 CVE-2023-41201: D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerabil
D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a req
nvd
CVE-2023-44405HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-44405 [HIGH] CWE-121 CVE-2023-44405: D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability. Th
D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of XML data pr
nvd
CVE-2023-41191HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41191 [HIGH] CWE-78 CVE-2023-41191: D-Link DAP-1325 HNAP SetAPLanSettings Mode Command Injection Remote Code Execution Vulnerability. Th
D-Link DAP-1325 HNAP SetAPLanSettings Mode Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a request pa
nvd
CVE-2023-41212HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41212 [HIGH] CWE-121 CVE-2023-41212: D-Link DAP-1325 SetTriggerAPValidate Key Stack-based Buffer Overflow Remote Code Execution Vulnerabi
D-Link DAP-1325 SetTriggerAPValidate Key Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of XML
nvd
CVE-2023-41188HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41188 [HIGH] CWE-78 CVE-2023-41188: D-Link DAP-1325 HNAP SetAPLanSettings DeviceName Command Injection Remote Code Execution Vulnerabili
D-Link DAP-1325 HNAP SetAPLanSettings DeviceName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a requ
nvd
CVE-2023-41190HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41190 [HIGH] CWE-78 CVE-2023-41190: D-Link DAP-1325 HNAP SetAPLanSettings IPAddr Command Injection Remote Code Execution Vulnerability.
D-Link DAP-1325 HNAP SetAPLanSettings IPAddr Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a request p
nvd
CVE-2023-41202HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41202 [HIGH] CWE-121 CVE-2023-41202: D-Link DAP-1325 SetAPLanSettings Mode Stack-based Buffer Overflow Remote Code Execution Vulnerabilit
D-Link DAP-1325 SetAPLanSettings Mode Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of XML da
nvd
CVE-2023-41200HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41200 [HIGH] CWE-78 CVE-2023-41200: D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticPrefixLength Command Injection Remote Code Exec
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticPrefixLength Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the h
nvd
CVE-2023-41206HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41206 [HIGH] CWE-121 CVE-2023-41206: D-Link DAP-1325 SetHostIPv6Settings IPv6Mode Stack-based Buffer Overflow Remote Code Execution Vulne
D-Link DAP-1325 SetHostIPv6Settings IPv6Mode Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of
nvd
CVE-2023-41192HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41192 [HIGH] CWE-78 CVE-2023-41192: D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerabili
D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a requ
nvd
CVE-2023-41195HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41195 [HIGH] CWE-78 CVE-2023-41195: D-Link DAP-1325 HNAP SetHostIPv6Settings IPv6Mode Command Injection Remote Code Execution Vulnerabil
D-Link DAP-1325 HNAP SetHostIPv6Settings IPv6Mode Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of a req
nvd
CVE-2023-41199HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41199 [HIGH] CWE-78 CVE-2023-41199: D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vu
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling
nvd
CVE-2023-41204HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41204 [HIGH] CWE-121 CVE-2023-41204: D-Link DAP-1325 SetAPLanSettings SecondaryDNS Stack-based Buffer Overflow Remote Code Execution Vuln
D-Link DAP-1325 SetAPLanSettings SecondaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling o
nvd
CVE-2023-41205HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41205 [HIGH] CWE-121 CVE-2023-41205: D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulner
D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of
nvd
CVE-2023-41208HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41208 [HIGH] CWE-121 CVE-2023-41208: D-Link DAP-1325 SetHostIPv6StaticSettings StaticDefaultGateway Stack-based Buffer Overflow Remote Co
D-Link DAP-1325 SetHostIPv6StaticSettings StaticDefaultGateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists with
nvd
CVE-2023-41210HIGHCVSS 8.8fixed in 1.09b032024-05-03
CVE-2023-41210 [HIGH] CWE-121 CVE-2023-41210: D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS2 Stack-based Buffer Overflow Remote Code Executi
D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS2 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the han
nvd
CVE-2023-41186MEDIUMCVSS 6.5fixed in 1.09b032024-05-03
CVE-2023-41186 [MEDIUM] CWE-306 CVE-2023-41186: D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This vulnerability
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to access various functionality on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the CGI interfa
nvd
← Previous2 / 2