Filtered by vendor Dd-wrt
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-13976 | 1 Dd-wrt | 1 Dd-wrt | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it refers to an old software version, requires administrative privileges, and does not provide access beyond that already available to administrative users. | |||||
| CVE-2012-6297 | 1 Dd-wrt | 1 Dd-wrt | 2020-02-11 | 9.3 HIGH | 8.8 HIGH |
| Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service. | |||||