Exposures › CVE-2020-25367
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.
“TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection”
“A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.”
“Hidden Backdoor in Tenda Router Firmware - DataBreachToday”
“Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot”
“CVEs and Security Vulnerabilities - OpenCVE”
“ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers”
“Database CVE, CWE, CISA KEV & Vulnerability Intelligence | CVE Find”
No correlated FedRAMP products.