DIR820LA1
by Dlink
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45382 | 0.20 | — | 0.94 | KEV | Feb 17, 2022 | A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions,… | ||
| CVE-2023-25280 | 0.19 | — | 0.93 | KEV | Mar 16, 2023 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. | ||
| CVE-2022-26258 | 0.19 | — | 0.87 | KEV | Mar 27, 2022 | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | ||
| CVE-2023-25279 | 0.04 | — | 0.44 | Mar 13, 2023 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. | |||
| CVE-2025-52079 | 0.00 | — | 0.00 | Oct 21, 2025 | The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp. | |||
| CVE-2024-51186 | 0.00 | — | 0.01 | Nov 11, 2024 | D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. | |||
| CVE-2024-48150 | 0.00 | — | 0.01 | Oct 14, 2024 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function. | |||
| CVE-2023-44808 | 0.00 | — | 0.04 | Oct 16, 2023 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. | |||
| CVE-2023-44809 | 0.00 | — | 0.02 | Oct 16, 2023 | D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. | |||
| CVE-2023-44807 | 0.00 | — | 0.03 | Oct 6, 2023 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | |||
| CVE-2023-25281 | 0.00 | — | 0.00 | Mar 16, 2023 | A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | |||
| CVE-2023-25282 | 0.00 | — | 0.01 | Mar 15, 2023 | A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | |||
| CVE-2023-25283 | 0.00 | — | 0.01 | Mar 13, 2023 | A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | |||
| CVE-2022-34973 | 0.00 | — | 0.01 | Aug 3, 2022 | D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp. |
- risk 0.20cvss —epss 0.94
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions,…
- risk 0.19cvss —epss 0.93
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
- risk 0.19cvss —epss 0.87
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
- CVE-2023-25279Mar 13, 2023risk 0.04cvss —epss 0.44
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.
- CVE-2025-52079Oct 21, 2025risk 0.00cvss —epss 0.00
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.
- CVE-2024-51186Nov 11, 2024risk 0.00cvss —epss 0.01
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions.
- CVE-2024-48150Oct 14, 2024risk 0.00cvss —epss 0.01
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function.
- CVE-2023-44808Oct 16, 2023risk 0.00cvss —epss 0.04
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
- CVE-2023-44809Oct 16, 2023risk 0.00cvss —epss 0.02
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
- CVE-2023-44807Oct 6, 2023risk 0.00cvss —epss 0.03
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.
- CVE-2023-25281Mar 16, 2023risk 0.00cvss —epss 0.00
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
- CVE-2023-25282Mar 15, 2023risk 0.00cvss —epss 0.01
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.
- CVE-2023-25283Mar 13, 2023risk 0.00cvss —epss 0.01
A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.
- CVE-2022-34973Aug 3, 2022risk 0.00cvss —epss 0.01
D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp.