Filtered by vendor Dlink
Subscribe
Total
846 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39674 | 1 Dlink | 2 Dir-880l A1, Dir-880l A1 Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. | |||||
| CVE-2023-39671 | 1 Dlink | 2 Dir-880l A1, Dir-880l A1 Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. | |||||
| CVE-2023-39669 | 1 Dlink | 2 Dir-880l A1, Dir-880l A1 Firmware | 2023-08-25 | N/A | 7.5 HIGH |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. | |||||
| CVE-2023-39749 | 1 Dlink | 2 Dap-2660, Dap-2660 Firmware | 2023-08-24 | N/A | 9.8 CRITICAL |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request. | |||||
| CVE-2023-39750 | 1 Dlink | 2 Dap-2660, Dap-2660 Firmware | 2023-08-24 | N/A | 9.8 CRITICAL |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request. | |||||
| CVE-2022-36524 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2023-08-08 | N/A | 7.5 HIGH |
| D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh. | |||||
| CVE-2022-36755 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | |||||
| CVE-2022-36526 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2023-08-08 | N/A | 7.5 HIGH |
| D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin. | |||||
| CVE-2022-44801 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. | |||||
| CVE-2022-42999 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2023-08-08 | N/A | 7.5 HIGH |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm. | |||||
| CVE-2022-38258 | 1 Dlink | 2 Dir-819, Dir-819 Firmware | 2023-08-08 | N/A | 8.1 HIGH |
| A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request. | |||||
| CVE-2022-36756 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | |||||
| CVE-2022-44930 | 1 Dlink | 2 Dhp-w310av, Dhp-w310av Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. | |||||
| CVE-2022-43184 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi. | |||||
| CVE-2022-42159 | 1 Dlink | 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more | 2023-08-08 | N/A | 4.3 MEDIUM |
| D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator. | |||||
| CVE-2022-46476 | 1 Dlink | 2 Dir-859 A1, Dir-859 A1 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function. | |||||
| CVE-2022-28915 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. | |||||
| CVE-2021-45382 | 1 Dlink | 12 Dir-810l, Dir-810l Firmware, Dir-820l and 9 more | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched. | |||||
| CVE-2022-28573 | 1 Dlink | 2 Dir-823 Pro, Dir-823 Pro Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers to execute arbitrary commands via the system_time_timezone parameter. | |||||
| CVE-2022-48108 | 1 Dlink | 2 Dir 878, Dir 878 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload. | |||||