Filtered by vendor Dlink
Subscribe
Total
1253 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48636 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | 8.0 HIGH |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48271 | 1 Dlink | 2 Dsl-6740c, Dsl-6740c Firmware | 2025-05-07 | N/A | 8.8 HIGH |
| D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the device via a bruteforce attack. | |||||
| CVE-2024-48638 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | 8.0 HIGH |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48272 | 1 Dlink | 2 Dsl-6740c, Dsl-6740c Firmware | 2025-05-07 | N/A | 6.5 MEDIUM |
| D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack. | |||||
| CVE-2024-51023 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-07 | N/A | 8.8 HIGH |
| D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51024 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-07 | N/A | 8.0 HIGH |
| D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51186 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2025-05-07 | N/A | 8.0 HIGH |
| D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. | |||||
| CVE-2022-43003 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function. | |||||
| CVE-2022-43002 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54. | |||||
| CVE-2022-43001 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function. | |||||
| CVE-2022-43000 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4. | |||||
| CVE-2022-42999 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 7.5 HIGH |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm. | |||||
| CVE-2022-42998 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd. | |||||
| CVE-2020-21016 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. | |||||
| CVE-2017-14429 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2025-05-06 | 10.0 HIGH | 9.8 CRITICAL |
| The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting generated files such as WAN-1-udhcpc.sh. | |||||
| CVE-2022-43109 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-05 | N/A | 9.8 CRITICAL |
| D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet. | |||||
| CVE-2024-27684 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-05-02 | N/A | 6.1 MEDIUM |
| A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
| CVE-2024-57684 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | N/A | 9.8 CRITICAL |
| An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. | |||||
| CVE-2024-57683 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | N/A | 4.3 MEDIUM |
| An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request. | |||||
| CVE-2024-57682 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. | |||||