VYPR

Dir 605l Firmware

by Dlink

CVEs (67)

  • CVE-2014-8361CriKEVMay 1, 2015
    risk 0.87cvss 9.8epss 1.00

    The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

  • CVE-2026-42373CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign.…

  • CVE-2026-42372HigMay 4, 2026
    risk 0.57cvss 8.8epss 0.00

    D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" read from /etc/alpha_config/image_sign.…

  • CVE-2026-5984HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out…

  • CVE-2026-5983HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Request Handler. Executing a manipulation of the argument curTime can lead to buffer overflow. The attack can be executed…

  • CVE-2026-5982HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote…

  • CVE-2026-5981HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched…

  • CVE-2026-5980HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component POST Request Handler. This manipulation of the argument curTime causes buffer overflow. The attack may be initiated…

  • CVE-2026-5979HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can…

  • CVE-2017-9675HigJun 15, 2017
    risk 0.53cvss 7.5epss 0.12

    On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.

  • CVE-2017-17065HigNov 30, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently…

  • CVE-2012-10021Jul 31, 2025
    risk 0.09cvss epss 0.03

    A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter…

  • CVE-2018-20056Dec 11, 2018
    risk 0.04cvss epss 0.07

    An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.

  • CVE-2018-20057Dec 11, 2018
    risk 0.01cvss epss 0.07

    An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter.

  • CVE-2026-2056Feb 6, 2026
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wan_connection_status.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure.…

  • CVE-2026-2055Feb 6, 2026
    risk 0.00cvss epss 0.01

    A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The…

  • CVE-2026-2054Feb 6, 2026
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-65731Jan 8, 2026
    risk 0.00cvss epss 0.00

    An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access…

  • CVE-2025-46176May 23, 2025
    risk 0.00cvss epss 0.00

    Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.

  • CVE-2025-4445May 9, 2025
    risk 0.00cvss epss 0.07

    A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this…

Page 1 of 4