VYPR

Vendor CVEs

Dlink

All CVEs

1,843 total · sorted by risk
  • CVE-2018-6530CriKEVMar 6, 2018
    risk 0.89cvss 9.8epss 0.97

    OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and…

  • CVE-2014-8361CriKEVMay 1, 2015
    risk 0.87cvss 9.8epss 1.00

    The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

  • CVE-2015-1187CriKEVSep 21, 2017
    risk 0.85cvss 9.8epss 0.83

    The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

  • CVE-2015-2051HigKEVFeb 23, 2015
    risk 0.80cvss 8.8epss 0.97

    The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

  • CVE-2016-6563CriJul 13, 2018
    risk 0.73cvss 9.8epss 0.80

    Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected:…

  • CVE-2018-17440CriOct 8, 2018
    risk 0.70cvss 9.8epss 0.37

    An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP…

  • CVE-2018-15839CriAug 28, 2018
    risk 0.70cvss 9.8epss 0.45

    D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.

  • CVE-2017-12943CriAug 18, 2017
    risk 0.70cvss 9.8epss 0.39

    D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.

  • CVE-2014-100005HigKEVJan 13, 2015
    risk 0.70cvss 8.0epss 0.42

    Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management…

  • CVE-2025-34125CriJul 16, 2025
    risk 0.69cvss epss 0.03

    An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary…

  • CVE-2018-9032CriMar 27, 2018
    risk 0.69cvss 9.8epss 0.29

    An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /category_view.php…

  • CVE-2017-3191CriDec 16, 2017
    risk 0.69cvss 9.8epss 0.63

    D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some…

  • CVE-2018-8898CriMay 23, 2018
    risk 0.68cvss 9.8epss 0.13

    A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and…

  • CVE-2015-7247CriApr 24, 2017
    risk 0.68cvss 9.8epss 0.10

    D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.

  • CVE-2015-7246CriApr 24, 2017
    risk 0.68cvss 9.8epss 0.14

    D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.

  • CVE-2013-10050HigAug 1, 2025
    risk 0.67cvss 8.8epss 0.10

    An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing…

  • CVE-2017-3192CriDec 16, 2017
    risk 0.67cvss 9.8epss 0.39

    D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page…

  • CVE-2014-7859CriAug 25, 2017
    risk 0.65cvss 9.8epss 0.21

    Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and…

  • CVE-2014-7858CriAug 25, 2017
    risk 0.65cvss 9.8epss 0.15

    The check_login function in D-Link DNR-326 before 2.10 build 03 allows remote attackers to bypass authentication and log in by setting the username cookie parameter to an arbitrary string.

  • CVE-2014-7857CriAug 25, 2017
    risk 0.65cvss 9.8epss 0.15

    D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the…

  • CVE-2016-5681CriAug 25, 2016
    risk 0.65cvss 9.8epss 0.12

    Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14,…

  • CVE-2026-7854CriMay 5, 2026
    risk 0.64cvss 9.8epss 0.06

    A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack…

  • CVE-2026-7853CriMay 5, 2026
    risk 0.64cvss 9.8epss 0.02

    A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The…

  • CVE-2026-42376CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01_dlob_dir456U" read from…

  • CVE-2026-42375CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The…

  • CVE-2026-42374CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The…

  • CVE-2026-42373CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign.…

  • CVE-2026-7248CriApr 28, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made…

  • CVE-2026-4181CriMar 16, 2026
    risk 0.64cvss 9.8epss 0.01

    A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack…

  • CVE-2025-29165CriMar 5, 2026
    risk 0.64cvss 9.8epss 0.01

    An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component

  • CVE-2024-57595CriJan 27, 2025
    risk 0.64cvss 9.8epss 0.01

    DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter "wps_pin" passed to the apc_client_pin.cgi binary through a POST request.

  • CVE-2024-45623CriSep 2, 2024
    risk 0.64cvss 9.8epss 0.01

    D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the ATP binary that handles PHP HTTP GET requests for the Apache HTTP Server (httpd). NOTE: This vulnerability only affects products that are no…

  • CVE-2018-14081CriOct 9, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.

  • CVE-2018-17881CriOct 3, 2018
    risk 0.64cvss 9.8epss 0.01

    On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change.

  • CVE-2018-17787CriOct 2, 2018
    risk 0.64cvss 9.8epss 0.04

    On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.

  • CVE-2018-17786CriOct 2, 2018
    risk 0.64cvss 9.8epss 0.04

    On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote attackers to execute arbitrary code.

  • CVE-2018-17068CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.

  • CVE-2018-17067CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.

  • CVE-2018-17066CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.

  • CVE-2018-17065CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.

  • CVE-2018-17064CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is…

  • CVE-2018-17063CriSep 15, 2018
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.

  • CVE-2017-11563CriAug 24, 2018
    risk 0.64cvss 9.8epss 0.05

    D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code execution vulnerability. A UDP "Discover" service, which provides multiple functions such as changing the passwords and getting basic information, was installed on the device. A remote attacker can send a crafted UDP…

  • CVE-2018-6213CriJun 20, 2018
    risk 0.64cvss 9.8epss 0.03

    In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.

  • CVE-2018-6210CriJun 19, 2018
    risk 0.64cvss 9.8epss 0.03

    D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.

  • CVE-2018-10968CriMay 18, 2018
    risk 0.64cvss 9.8epss 0.02

    On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.

  • CVE-2018-11013CriMay 13, 2018
    risk 0.64cvss 9.8epss 0.07

    Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header.

  • CVE-2018-10996CriMay 12, 2018
    risk 0.64cvss 9.8epss 0.05

    The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable.

  • CVE-2018-10106CriApr 16, 2018
    risk 0.64cvss 9.8epss 0.02

    D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request.

  • CVE-2015-0152CriApr 12, 2018
    risk 0.64cvss 9.8epss 0.02

    D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password.

Page 1 of 37