Dap 1650 Firmware

dap-1650_firmware

Vendor: Dlink • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-40505 1Dlink 1Dap 1650 Firmware May 29, 2025 Jul 16, 2024 N/A· v4 9.3 CRITICAL· v3 N/A· v2 Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.
CVE-2024-23625 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 8.3 HIGH· v2 A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2024-23624 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Jan 26, 2024 N/A· v4 9.8 CRITICAL· v3 8.3 HIGH· v2 A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVE-2022-36588 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Sep 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2019-12768 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Dec 30, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
CVE-2019-12767 1Dlink 1Dap 1650 Firmware Nov 21, 2024 Mar 21, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.