VYPR

DIR-818L

by Dlink

CVEs (12)

  • CVE-2025-8956MedAug 14, 2025
    Dlink
    Dir 818l Firmware
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the…

  • CVE-2025-7553MedJul 14, 2025
    Dlink
    DIR-818L
    risk 0.31cvss 4.7epss 0.01

    A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely.…

  • CVE-2025-9003LowAug 15, 2025
    Dlink
    DIR-818L
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely.…

  • CVE-2016-6563Jul 13, 2018
    Dlink
    DIR-822
    risk 0.10cvss epss 0.85

    Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected:…

  • CVE-2018-19986May 13, 2019
    Dlink
    DIR-822
    risk 0.04cvss epss 0.55

    In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the…

  • CVE-2022-35620Aug 3, 2022
    Dlink
    DIR-818L
    risk 0.02cvss epss 0.25

    D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main.

  • CVE-2022-35619Aug 3, 2022
    Dlink
    DIR-818L
    risk 0.01cvss epss 0.06

    D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main.

  • CVE-2019-13482Jul 10, 2019
    Dlink
    DIR-818L
    risk 0.01cvss epss 0.09

    An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.

  • CVE-2019-13481Jul 10, 2019
    Dlink
    DIR-818L
    risk 0.01cvss epss 0.09

    An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to SetWanSettings.

  • CVE-2018-20114Jan 2, 2019
    Dlink
    DIR-860L
    risk 0.01cvss epss 0.07

    On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for…

  • CVE-2019-12787Jun 10, 2019
    Dlink
    DIR-818L
    risk 0.00cvss epss 0.02

    An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the Gateway key.

  • CVE-2019-12786Jun 10, 2019
    Dlink
    DIR-818L
    risk 0.00cvss epss 0.02

    An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key.