Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-0127 | 1 D-link | 2 Dwl-2600ap, Dwl-2600ap Firmware | 2023-02-21 | N/A | 7.8 HIGH |
A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root. | |||||
CVE-2019-20499 | 1 D-link | 2 Dwl-2600ap, Dwl-2600ap Firmware | 2020-03-28 | 7.2 HIGH | 7.8 HIGH |
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter. | |||||
CVE-2019-20500 | 1 D-link | 2 Dwl-2600ap, Dwl-2600ap Firmware | 2020-03-06 | 7.2 HIGH | 7.8 HIGH |
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter. | |||||
CVE-2019-20501 | 1 D-link | 2 Dwl-2600ap, Dwl-2600ap Firmware | 2020-03-06 | 7.2 HIGH | 7.8 HIGH |
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter. |