Product:

Dir\-645_firmware

(Dlink)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 9
Date Id Summary Products Score Patch Annotated
2022-06-27 CVE-2022-32092 D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. Dir\-645_firmware 9.8
2014-07-07 CVE-2013-7389 Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php. Dir\-645, Dir\-645_firmware N/A
2015-02-23 CVE-2015-2052 Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface. Dir\-645_firmware N/A
2023-01-17 CVE-2022-46475 D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function. Dir\-645_firmware 9.8
2022-03-31 CVE-2021-43722 D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size. Dir\-645_firmware 9.8
2019-06-11 CVE-2013-7471 An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request. Dir\-300_firmware, Dir\-600_firmware, Dir\-645_firmware, Dir\-845_firmware, Dir\-865_firmware 9.8