CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2015-1187

CVSS 9.8v3.1pub. 2017-09-21upd. 2026-04-21

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 626l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 626l Firmware

    OS
    Dlink
    1.04
  • Dlink Dir 636l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 636l Firmware

    OS
    Dlink
    1.04
  • Dlink Dir 651

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 651 Firmware

    OS
    Dlink
    1.10na
  • Dlink Dir 808l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 808l Firmware

    OS
    Dlink
    1.03
  • Dlink Dir 810l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 810l Firmware

    OS
    Dlink
    1.012.02
  • Dlink Dir 820l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 820l Firmware

    OS
    Dlink
    1.021.052.01
  • Dlink Dir 826l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 826l Firmware

    OS
    Dlink
    1.00
  • Dlink Dir 830l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 830l Firmware

    OS
    Dlink
    1.00
  • Dlink Dir 836l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 836l Firmware

    OS
    Dlink
    1.01
  • Trendnet Tew 651br

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 651br Firmware

    OS
    Trendnet
    wszystkie wersje
  • Trendnet Tew 652br

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 652br Firmware

    OS
    Trendnet
    wszystkie wersje
  • Trendnet Tew 711br

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 711br Firmware

    OS
    Trendnet
    1.00
  • Trendnet Tew 731br

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 731br Firmware

    OS
    Trendnet
    2.01
  • Trendnet Tew 810dr

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 810dr Firmware

    OS
    Trendnet
    1.00
  • Trendnet Tew 813dru

    HW
    Trendnet
    wszystkie wersje
  • Trendnet Tew 813dru Firmware

    OS
    Trendnet
    1.00

CISA KEV — detailsi

Vendori
D-Link and TRENDnet
Producti
Multiple Devices
Added to KEVi
March 25, 2022
Remediation deadline (US Federal)i
April 15, 2022(overdue)
Required action (CISA)i

The impacted product is end-of-life and should be disconnected if still in use.

CISA descriptioni

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 kwietnia 2022
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2023-25280CRITICAL9.8⚠ KEVten sam produkt

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to roo...

CVE-2022-26258CRITICAL9.8⚠ KEVten sam produkt

D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST t...

CVE-2021-45382CRITICAL9.8⚠ KEVten sam produkt

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW...

CVE-2024-48150CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-820L: stack overflow w funkcji sub_451208

CVE-2023-44808CRITICAL9.8ten sam produkt

D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.