Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dir\-850l_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-04 | CVE-2021-46378 | DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download. | Dir\-850l_firmware | 7.5 | ||
| 2022-03-04 | CVE-2021-46379 | DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | Dir\-850l_firmware | 6.1 | ||
| 2023-12-19 | CVE-2023-49004 | An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter. | Dir\-850l_firmware | 9.8 | ||
| 2017-09-13 | CVE-2017-14419 | The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service for HTTPS is also established. | Dir\-850l_firmware | 5.9 | ||
| 2017-09-13 | CVE-2017-14420 | The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Dir\-850l_firmware | 5.9 | ||
| 2017-09-13 | CVE-2017-14424 | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/passwd permissions. | Dir\-850l_firmware | 7.8 | ||
| 2017-09-13 | CVE-2017-14425 | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/etc/hnapasswd permissions. | Dir\-850l_firmware | 7.8 | ||
| 2017-09-13 | CVE-2017-14426 | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions. | Dir\-850l_firmware | 7.8 | ||
| 2017-09-13 | CVE-2017-14427 | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/storage_account_root permissions. | Dir\-850l_firmware | 7.8 | ||
| 2017-09-13 | CVE-2017-14428 | D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions. | Dir\-850l_firmware | 7.8 |