CVE-2024-28726

HIGH Year: 2024
CVSS v3 Score
8.0
High
Weakness Type
CWE-77
View all →

Vulnerability Description

An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function.

Related Vulnerabilities

CVE-2016-4822

HIGH
CVSS:8.0(High)

Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors.

CWE-772016

CVE-2017-8193

HIGH
CVSS:8.0(High)

The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerab...

CWE-772017

CVE-2019-3421

HIGH
CVSS:8.0(High)

The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the u...

CWE-772019

CVE-2020-11770

HIGH
CVSS:8.0(High)

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, R6220 bef...

CWE-772020

CVE-2020-26929

HIGH
CVSS:8.0(High)

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6220 before 1.1.0.100 and R6230 before 1.1.0.100.

CWE-772020

CVE-2020-36650

HIGH
CVSS:8.0(High)

A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is...

CWE-772020