cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-46226,https://securityvulnerability.io/vulnerability/CVE-2021-46226,Command Injection Vulnerability in D-Link DI-7200GV2 Device,"The D-Link DI-7200GV2 device is susceptible to a command injection vulnerability within its wget_test.asp functionality. This flaw permits unprivileged attackers to inject and execute arbitrary commands through the manipulation of the url parameter, potentially compromising the device's integrity. It's essential for users and network administrators to apply security best practices and monitor for updates to safeguard against exploitation.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:36.000Z,0
CVE-2021-46227,https://securityvulnerability.io/vulnerability/CVE-2021-46227,Command Injection Vulnerability in D-Link DI-7200GV2 Device,"The D-Link DI-7200GV2 device, specifically version v21.04.09E1, is vulnerable to command injection through the proxy_client.asp function. By manipulating parameters such as proxy_srv, proxy_srvport, proxy_lanip, and proxy_lanport, attackers may gain the ability to execute arbitrary commands on the affected device, potentially compromising security and network integrity. This vulnerability poses a significant threat to users of the device, necessitating prompt updates and mitigations.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:35.000Z,0
CVE-2021-46228,https://securityvulnerability.io/vulnerability/CVE-2021-46228,Command Injection Vulnerability in D-Link DI-7200GV2.E1 Device,"The D-Link DI-7200GV2.E1 device is susceptible to a command injection vulnerability found in the httpd_debug.asp function. Attackers can exploit this flaw by manipulating the time parameter, allowing for the execution of arbitrary commands on the device. This poses significant security risks as unauthorized actions could lead to system compromise or loss of sensitive data.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:35.000Z,0
CVE-2021-46229,https://securityvulnerability.io/vulnerability/CVE-2021-46229,Command Injection Vulnerability in D-Link DI-7200GV2.E1 Router,"A command injection vulnerability has been identified in the D-Link DI-7200GV2.E1 router's usb_paswd.asp function. This vulnerability allows an attacker to execute arbitrary commands through manipulation of the name parameter, potentially compromising the security and integrity of the device. Users of this router model should take immediate action to implement security patches and mitigate this risk effectively.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:34.000Z,0
CVE-2021-46230,https://securityvulnerability.io/vulnerability/CVE-2021-46230,Command Injection Vulnerability in D-Link DI-7200GV2.E1 Devices,"A command injection vulnerability exists in D-Link's DI-7200GV2.E1 device, specifically in the upgrade_filter function. This flaw permits attackers to send crafted requests that include malicious path and time parameters, allowing them to execute arbitrary code on the affected device. It's imperative for users to evaluate their devices and apply necessary patches to mitigate potential exploitation.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:32.000Z,0
CVE-2021-46231,https://securityvulnerability.io/vulnerability/CVE-2021-46231,Command Injection Vulnerability in D-Link DI-7200GV2.E1,"A security flaw has been identified in the D-Link DI-7200GV2.E1 that allows attackers to inject arbitrary commands through the url_en parameter in the urlrd_opt.asp function. This vulnerability poses significant risks as it enables unauthorized command execution, potentially leading to compromised devices and compromised network integrity. Users are advised to review their current firmware versions and apply necessary security updates to mitigate risks associated with this vulnerability.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:32.000Z,0
CVE-2021-46232,https://securityvulnerability.io/vulnerability/CVE-2021-46232,Command Injection Vulnerability in D-Link DI-7200GV2.E1,"The D-Link DI-7200GV2.E1 device is susceptible to a command injection vulnerability in its version_upgrade.asp function. By manipulating the path parameter, an attacker could potentially execute arbitrary commands on the affected device, leading to unauthorized actions and a compromise of system integrity. It is important for users to apply security updates and follow best practices to mitigate the risk associated with this vulnerability.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:31.000Z,0
CVE-2021-46233,https://securityvulnerability.io/vulnerability/CVE-2021-46233,Command Injection Vulnerability in D-Link DI-7200GV2.E1,"The D-Link DI-7200GV2.E1 device version 21.04.09E1 is vulnerable due to improper validation of user-supplied input. Specifically, the vulnerability resides in the msp_info.htm function, where an attacker can manipulate the cmd parameter to execute arbitrary commands on the device. This flaw could potentially lead to unauthorized access and control over the affected device, posing a serious risk to the integrity and security of the network.",D-Link,Di-7200gv2 Firmware,9.8,CRITICAL,0.014390000142157078,false,,false,false,false,,,false,false,,2022-02-04T01:33:31.000Z,0