Vulnerabilities > Dlink > DIR 818Lw Firmware > 2.05.b03

DATE CVE VULNERABILITY TITLE RISK
2019-06-10 CVE-2019-12787 XML Injection (aka Blind XPath Injection) vulnerability in Dlink Dir-818Lw Firmware 2.05.B03/2.06B01
An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA.
network
low complexity
dlink CWE-91
6.5
6.5
2019-06-10 CVE-2019-12786 Command Injection vulnerability in Dlink Dir-818Lw Firmware 2.05.B03/2.06B01
An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA.
network
low complexity
dlink CWE-77
6.5
6.5
2019-01-02 CVE-2018-20114 OS Command Injection vulnerability in Dlink Dir-818Lw Firmware and Dir-860L Firmware
On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter.
network
low complexity
dlink CWE-78
critical
 10.0
10