Dlink Di-7200Gv2 Firmware vulnerabilities

8 known vulnerabilities affecting dlink/di-7200gv2_firmware.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL8

Vulnerabilities

Page 1 of 1
CVE-2021-46232CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46232 [CRITICAL] CWE-77 CVE-2021-46232: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function version_upgrade.asp. This vulnerability allows attackers to execute arbitrary commands via the path parameter.
nvd
CVE-2021-46226CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46226 [CRITICAL] CWE-77 CVE-2021-46226: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function wget_test.asp. This vulnerability allows attackers to execute arbitrary commands via the url parameter.
nvd
CVE-2021-46230CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46230 [CRITICAL] CWE-77 CVE-2021-46230: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function upgrade_filter. This vulnerability allows attackers to execute arbitrary commands via the path and time parameters.
nvd
CVE-2021-46227CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46227 [CRITICAL] CWE-77 CVE-2021-46227: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function proxy_client.asp. This vulnerability allows attackers to execute arbitrary commands via the proxy_srv, proxy_srvport, proxy_lanip, proxy_lanport parameters.
nvd
CVE-2021-46233CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46233 [CRITICAL] CWE-77 CVE-2021-46233: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function msp_info.htm. This vulnerability allows attackers to execute arbitrary commands via the cmd parameter.
nvd
CVE-2021-46231CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46231 [CRITICAL] CWE-77 CVE-2021-46231: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function urlrd_opt.asp. This vulnerability allows attackers to execute arbitrary commands via the url_en parameter.
nvd
CVE-2021-46229CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46229 [CRITICAL] CWE-77 CVE-2021-46229: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function usb_paswd.asp. This vulnerability allows attackers to execute arbitrary commands via the name parameter.
nvd
CVE-2021-46228CRITICALCVSS 9.8≤ 21.04.09e12022-02-04
CVE-2021-46228 [CRITICAL] CWE-77 CVE-2021-46228: D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function httpd_debug.asp. This vulnerability allows attackers to execute arbitrary commands via the time parameter.
nvd