Dlink Dap-1650 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dlink Dap-1650 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-12767 — CVSS 9.8 (critical): An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.
CVE-2019-12768 — CVSS 9.8 (critical): An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via…
CVE-2022-36588 — CVSS 9.8 (critical): In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2024-23624 — CVSS 9.6 (critical): A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this…
CVE-2024-23625 — CVSS 9.6 (critical): A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can…
CVE-2024-40505 — CVSS 9.3 (critical): Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi…