Filtered by vendor Dlink Subscriptions
Filtered by product Dap-1650 Firmware Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-40505 1 Dlink 1 Dap-1650 Firmware 2024-11-21 9.3 Critical
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.
CVE-2024-23625 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 9.6 Critical
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2024-23624 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 9.6 Critical
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2022-36588 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 9.8 Critical
In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2019-12768 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 9.8 Critical
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
CVE-2019-12767 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2024-11-21 9.8 Critical
An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.