Filtered by vendor Dlink
Subscribe
Total
1253 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-25895 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 8.0 HIGH |
| An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type parameter. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet. | |||||
| CVE-2025-25896 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01 via the destination, netmask, and gateway parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2025-29041 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-05-01 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c | |||||
| CVE-2025-29040 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-05-01 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c | |||||
| CVE-2022-44204 | 1 Dlink | 2 Dir-3060, Dir-3060 Firmware | 2025-04-30 | N/A | 9.8 CRITICAL |
| D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow. | |||||
| CVE-2025-29743 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-04-30 | N/A | 6.5 MEDIUM |
| D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. | |||||
| CVE-2022-44807 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. | |||||
| CVE-2022-44806 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. | |||||
| CVE-2022-44804 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. | |||||
| CVE-2022-44801 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. | |||||
| CVE-2022-44202 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. | |||||
| CVE-2022-36786 | 1 Dlink | 2 Dsl-224, Dsl-224 Firmware | 2025-04-29 | N/A | 9.9 CRITICAL |
| DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router. | |||||
| CVE-2022-36785 | 1 Dlink | 2 G Integrated Access Device4, G Integrated Access Device4 Firmware | 2025-04-29 | N/A | 7.5 HIGH |
| D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. *Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. The window.location.href = http://192.168.1.1/setupWizard.asp" http://192.168.1.1/setupWizard.asp" ; "admin" – contains default username value "login.asp" B. While accessing the web interface, the login form at *Authorization Bypass – URL by "setupWizard.asp' while it blocks direct access to – the web interface does not properly validate user identity variables values located at the client side, it is available to access it without a "login_glag" and "login_status" checking browser and to read the admin user credentials for the web interface. | |||||
| CVE-2022-44201 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-04-29 | N/A | 9.8 CRITICAL |
| D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. | |||||
| CVE-2022-44808 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-04-25 | N/A | 9.8 CRITICAL |
| A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability. | |||||
| CVE-2025-29043 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-04-25 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234 | |||||
| CVE-2025-29042 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-04-25 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c | |||||
| CVE-2025-29039 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-04-25 | N/A | 7.2 HIGH |
| An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8 | |||||
| CVE-2022-40799 | 1 Dlink | 2 Dnr-322l, Dnr-322l Firmware | 2025-04-25 | N/A | 8.8 HIGH |
| Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. | |||||
| CVE-2022-44930 | 1 Dlink | 2 Dhp-w310av, Dhp-w310av Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. | |||||