Dlink Dwl-2600Ap Firmware vulnerabilities
4 known vulnerabilities affecting dlink/dwl-2600ap_firmware.
Total CVEs
4
CISA KEV
1
actively exploited
Public exploits
3
Exploited in wild
1
Severity breakdown
HIGH4
Vulnerabilities
Page 1 of 1
CVE-2023-0127HIGHCVSS 7.8v4.2.0.172023-02-11
CVE-2023-0127 [HIGH] CWE-77 CVE-2023-0127: A command injection vulnerability in the firmware_update command, in the device's restricted telnet
A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.
nvd
CVE-2019-20501HIGHCVSS 7.8PoC≤ 4.2.0.152020-03-05
CVE-2019-20501 [HIGH] CWE-78 CVE-2019-20501: D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter.
nvd
CVE-2019-20500HIGHCVSS 7.8KEVPoC≤ 4.2.0.152020-03-05
CVE-2019-20500 [HIGH] CWE-78 CVE-2019-20500: D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.
nvd
CVE-2019-20499HIGHCVSS 7.8PoC≤ 4.2.0.152020-03-05
CVE-2019-20499 [HIGH] CWE-78 CVE-2019-20499: D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
nvd