Dir 300 Firmware
by Dlink
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-10050 | Hig | 0.67 | 8.8 | 0.10 | Aug 1, 2025 | An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing… | ||
| CVE-2011-4723 | Med | 0.49 | 5.7 | 0.03 | KEV | Dec 20, 2011 | The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors. | |
| CVE-2024-41616 | 0.00 | — | 0.01 | Aug 6, 2024 | D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. | |||
| CVE-2023-31814 | 0.00 | — | 0.01 | May 23, 2023 | D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. |
- risk 0.67cvss 8.8epss 0.10
An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing…
- risk 0.49cvss 5.7epss 0.03
The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.
- CVE-2024-41616Aug 6, 2024risk 0.00cvss —epss 0.01
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
- CVE-2023-31814May 23, 2023risk 0.00cvss —epss 0.01
D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.