Dlink G416 Firmware vulnerabilities

21 known vulnerabilities affecting dlink/g416_firmware.

Total CVEs
21
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH20MEDIUM1

Vulnerabilities

Page 1 of 2
CVE-2024-5295HIGHCVSS 8.8fixed in 1.09b012024-05-23
CVE-2024-5295 [HIGH] CWE-78 CVE-2024-5295: D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability all D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. Th
nvd
CVE-2023-50211HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50211 [HIGH] CWE-121 CVE-2023-50211: D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vu D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service
nvd
CVE-2023-50216HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50216 [HIGH] CWE-78 CVE-2023-50216: D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability. This vu D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP por
nvd
CVE-2023-50203HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50203 [HIGH] CWE-78 CVE-2023-50203: D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability. This vulnerability D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The iss
nvd
CVE-2023-50201HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50201 [HIGH] CWE-78 CVE-2023-50201: D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability. This vulnerability D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The iss
nvd
CVE-2023-50198HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50198 [HIGH] CWE-78 CVE-2023-50198: D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability allows D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The
nvd
CVE-2023-50209HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50209 [HIGH] CWE-121 CVE-2023-50209: D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabil D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP p
nvd
CVE-2023-50204HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50204 [HIGH] CWE-78 CVE-2023-50204: D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability. This vulnerabilit D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port
nvd
CVE-2023-50207HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50207 [HIGH] CWE-78 CVE-2023-50207: D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability. This vulnerability D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The i
nvd
CVE-2023-50214HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50214 [HIGH] CWE-78 CVE-2023-50214: D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability. This vu D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP por
nvd
CVE-2023-50215HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50215 [HIGH] CWE-78 CVE-2023-50215: D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vul D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port
nvd
CVE-2023-50206HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50206 [HIGH] CWE-78 CVE-2023-50206: D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability. This vulner D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80
nvd
CVE-2023-50205HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50205 [HIGH] CWE-78 CVE-2023-50205: D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability. This vulnerability D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The iss
nvd
CVE-2023-50208HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50208 [HIGH] CWE-121 CVE-2023-50208: D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabil D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. T
nvd
CVE-2023-50202HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50202 [HIGH] CWE-78 CVE-2023-50202: D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability. This vulnerab D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP
nvd
CVE-2023-50213HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50213 [HIGH] CWE-78 CVE-2023-50213: D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability. This vulner D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80
nvd
CVE-2023-50199HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50199 [HIGH] CWE-306 CVE-2023-50199: D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability. D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on T
nvd
CVE-2023-50210HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50210 [HIGH] CWE-121 CVE-2023-50210: D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulne D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service li
nvd
CVE-2023-50200HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50200 [HIGH] CWE-78 CVE-2023-50200: D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability. This vulnerabilit D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The
nvd
CVE-2023-50217HIGHCVSS 8.8fixed in 1.09b012024-05-03
CVE-2023-50217 [HIGH] CWE-78 CVE-2023-50217: D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability all D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue
nvd
1 / 2Next →