Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-2112

Summary
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At-28 Apr, 2017 | 16:00
Updated At-05 Aug, 2024 | 13:39
Rejected At-
Credits

TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jpcert
Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At:28 Apr, 2017 | 16:00
Updated At:05 Aug, 2024 | 13:39
Rejected At:
▼CVE Numbering Authority (CNA)

TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Affected Products
Vendor
I-O DATA DEVICE, INC.
Product
TS-WPTCAM
Versions
Affected
  • firmware version 1.18 and earlier
Vendor
I-O DATA DEVICE, INC.
Product
TS-WPTCAM2
Versions
Affected
  • firmware version 1.00
Vendor
I-O DATA DEVICE, INC.
Product
TS-WLCE
Versions
Affected
  • firmware version 1.18 and earlier
Vendor
I-O DATA DEVICE, INC.
Product
TS-WLC2
Versions
Affected
  • firmware version 1.18 and earlier
Vendor
I-O DATA DEVICE, INC.
Product
TS-WRLC
Versions
Affected
  • firmware version 1.17 and earlier
Vendor
I-O DATA DEVICE, INC.
Product
TS-PTCAM/POE
Versions
Affected
  • firmware version 1.18 and earlier
Problem Types
TypeCWE IDDescription
textN/AOS Command Injection
Type: text
CWE ID: N/A
Description: OS Command Injection
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://jvn.jp/en/jp/JVN46830433/index.html
third-party-advisory
x_refsource_JVN
http://www.securityfocus.com/bid/96620
vdb-entry
x_refsource_BID
http://www.iodata.jp/support/information/2017/camera201702/
x_refsource_MISC
Hyperlink: http://jvn.jp/en/jp/JVN46830433/index.html
Resource:
third-party-advisory
x_refsource_JVN
Hyperlink: http://www.securityfocus.com/bid/96620
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.iodata.jp/support/information/2017/camera201702/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://jvn.jp/en/jp/JVN46830433/index.html
third-party-advisory
x_refsource_JVN
x_transferred
http://www.securityfocus.com/bid/96620
vdb-entry
x_refsource_BID
x_transferred
http://www.iodata.jp/support/information/2017/camera201702/
x_refsource_MISC
x_transferred
Hyperlink: http://jvn.jp/en/jp/JVN46830433/index.html
Resource:
third-party-advisory
x_refsource_JVN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/96620
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.iodata.jp/support/information/2017/camera201702/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vultures@jpcert.or.jp
Published At:28 Apr, 2017 | 16:59
Updated At:20 Apr, 2025 | 01:37

TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.08.3HIGH
AV:A/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 8.3
Base severity: HIGH
Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
iodata
iodata
>>ts-ptcam\/poe_firmware>>Versions up to 1.18(inclusive)
cpe:2.3:o:iodata:ts-ptcam\/poe_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-ptcam\/poe>>-
cpe:2.3:h:iodata:ts-ptcam\/poe:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-ptcam_firmware>>Versions up to 1.18(inclusive)
cpe:2.3:o:iodata:ts-ptcam_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-ptcam>>-
cpe:2.3:h:iodata:ts-ptcam:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-wrlc_firmware>>Versions up to 1.17(inclusive)
cpe:2.3:o:iodata:ts-wrlc_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-wrlc>>-
cpe:2.3:h:iodata:ts-wrlc:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-wlc2_firmware>>Versions up to 1.18(inclusive)
cpe:2.3:o:iodata:ts-wlc2_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-wlc2>>-
cpe:2.3:h:iodata:ts-wlc2:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-wlce_firmware>>Versions up to 1.18(inclusive)
cpe:2.3:o:iodata:ts-wlce_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-wlce>>-
cpe:2.3:h:iodata:ts-wlce:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-wptcam2_firmware>>1.00
cpe:2.3:o:iodata:ts-wptcam2_firmware:1.00:*:*:*:*:*:*:*
iodata
iodata
>>ts-wptcam2>>-
cpe:2.3:h:iodata:ts-wptcam2:-:*:*:*:*:*:*:*
iodata
iodata
>>ts-wptcam_firmware>>Versions up to 1.18(inclusive)
cpe:2.3:o:iodata:ts-wptcam_firmware:*:*:*:*:*:*:*:*
iodata
iodata
>>ts-wptcam>>-
cpe:2.3:h:iodata:ts-wptcam:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://jvn.jp/en/jp/JVN46830433/index.htmlvultures@jpcert.or.jp
Third Party Advisory
VDB Entry
http://www.iodata.jp/support/information/2017/camera201702/vultures@jpcert.or.jp
Vendor Advisory
http://www.securityfocus.com/bid/96620vultures@jpcert.or.jp
Third Party Advisory
VDB Entry
http://jvn.jp/en/jp/JVN46830433/index.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.iodata.jp/support/information/2017/camera201702/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/96620af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: http://jvn.jp/en/jp/JVN46830433/index.html
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.iodata.jp/support/information/2017/camera201702/
Source: vultures@jpcert.or.jp
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/96620
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://jvn.jp/en/jp/JVN46830433/index.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.iodata.jp/support/information/2017/camera201702/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/96620
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

116Records found
CVE-2022-43644
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.58% / 67.91%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-19461.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-825\/ee_firmwaredir-825\/eedir-825\/ac_firmwaredir-825\/acDIR-825
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43642
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.20%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-19222.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-825\/ee_firmwaredir-825\/eedir-825\/ac_firmwaredir-825\/acDIR-825
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43646
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.58% / 67.91%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Vimeo plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-19463.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-825\/ee_firmwaredir-825\/eedir-825\/ac_firmwaredir-825\/acDIR-825
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43645
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.48% / 63.92%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, which listens on TCP port 4044. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-19462.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-825\/ee_firmwaredir-825\/eedir-825\/ac_firmwaredir-825\/acDIR-825
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-40720
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.36% / 57.25%
||
7 Day CHG~0.00%
Published-26 Jan, 2023 | 00:00
Updated-01 Apr, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service, which listens on TCP port 4044 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the router. Was ZDI-CAN-15935.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-27249
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-1.44% / 79.94%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 15:45
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11369.

Action-Not Available
Vendor-D-Link Corporation
Product-dap-2020dap-2020_firmwareDAP-2020
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-27256
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.16%
||
7 Day CHG~0.00%
Published-05 Mar, 2021 | 20:00
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-br500_firmwarerbk12rbk43sbr500ex6150v2_firmwarer8900_firmwarerbr40_firmwarerbk23_firmwarerbk14_firmwarerbk15_firmwareex6410ex6420_firmwareex7300v2_firmwarebr200_firmwareex6250_firmwarerbk53_firmwarexr500_firmwarexr700_firmwarerbk15xr450_firmwareex7300rbk12_firmwarerbs40rbs50y_firmwarer8900rbs40_firmwarer9000_firmwarerbr10rbs10_firmwarerbk43_firmwareex6410_firmwarerbs20rbs50_firmwarerbs50yr9000ex6400v2ex6100v2ex7700_firmwarer7800rbk23rbs10r7800_firmwareex6100v2_firmwarerbk20_firmwarexr450xr700ex6400rbk43s_firmwarerbk20ex6400_firmwarerbk14ex7300_firmwarerbk44_firmwarerbs20_firmwarebr200d7800rbk44ex6150v2ex8000rbk40ex7320_firmwarerbr20rbk40_firmwarerbk13xr500ex6400v2_firmwareex6420ex7300v2d7800_firmwarerbk43ex8000_firmwareex6250rbr10_firmwarerbr40rbs50rbr50_firmwarerbr50ex7700rbk13_firmwarelbr20rbr20_firmwareex7320rbk50rbk53lbr20_firmwarerbk50_firmwareR7800
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-26726
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.8||HIGH
EPSS-1.08% / 76.95%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 15:15
Updated-17 Sep, 2024 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote code execution in Valmet DNA before Collection 2021

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

Action-Not Available
Vendor-valmetValmet DNA
Product-dnaValmet DNA
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CWE ID-CWE-272
Least Privilege Violation
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2011-0378
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.3||HIGH
EPSS-1.87% / 82.36%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_system_1100telepresence_system_softwaretelepresence_system_1300_seriestelepresence_system_3000telepresence_system_1000telepresence_system_3200_seriestelepresence_system_500_seriesn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5291
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-3.41% / 86.97%
||
7 Day CHG~0.00%
Published-23 May, 2024 | 21:29
Updated-06 Aug, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21235.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150dir-2150
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5295
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-4.49% / 88.68%
||
7 Day CHG~0.00%
Published-23 May, 2024 | 21:29
Updated-10 Mar, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21294.

Action-Not Available
Vendor-D-Link Corporation
Product-g416g416_firmwareG416g416_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-8866
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-1.35% / 79.35%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 19:00
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could perform command injection.

Action-Not Available
Vendor-vecnaICS-CERT
Product-vgo_firmwarevgoVGo Robot
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-40719
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.09%
||
7 Day CHG~0.00%
Published-26 Jan, 2023 | 00:00
Updated-01 Apr, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the xupnpd service, which listens on TCP port 4044 by default. When parsing the feed parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15906.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-2150dir-2150_firmwareDIR-2150
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20139
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-7.77% / 91.60%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 15:24
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.

Action-Not Available
Vendor-gryphonconnectn/a
Product-gryphon_tower_firmwaregryphon_towerGryphon Tower router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20141
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-7.77% / 91.60%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 15:23
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.

Action-Not Available
Vendor-gryphonconnectn/a
Product-gryphon_tower_firmwaregryphon_towerGryphon Tower router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-20138
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-8.18% / 91.85%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 15:24
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the web interface.

Action-Not Available
Vendor-gryphonconnectn/a
Product-gryphon_tower_firmwaregryphon_towerGryphon Tower router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found