Vulnerabilities > D Link > DIR 822 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-08-18 CVE-2019-6258 Classic Buffer Overflow vulnerability in D-Link Dir-822 Firmware
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.
network
low complexity
d-link CWE-120
critical
9.8
2019-05-13 CVE-2018-19986 OS Command Injection vulnerability in D-Link Dir-818Lw Firmware and Dir-822 Firmware
In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices.
network
low complexity
d-link CWE-78
critical
9.8
2019-05-13 CVE-2018-19987 OS Command Injection vulnerability in multiple products
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode.
network
low complexity
d-link dlink CWE-78
critical
9.8
2019-05-13 CVE-2018-19989 OS Command Injection vulnerability in multiple products
In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices.
network
low complexity
d-link dlink CWE-78
critical
9.8
2019-05-13 CVE-2018-19990 OS Command Injection vulnerability in D-Link Dir-822 Firmware 202Krb06
In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices.
network
low complexity
d-link CWE-78
critical
9.8