Vendor CVEs
Dlink
All CVEs
1,843 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-32153 | 0.00 | — | 0.23 | May 3, 2024 | D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this… | |||
| CVE-2023-32152 | 0.00 | — | 0.27 | May 3, 2024 | D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific… | |||
| CVE-2023-32151 | 0.00 | — | 0.02 | May 3, 2024 | D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this… | |||
| CVE-2023-32150 | 0.00 | — | 0.23 | May 3, 2024 | D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this… | |||
| CVE-2023-32149 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to… | |||
| CVE-2023-32148 | 0.00 | — | 0.27 | May 3, 2024 | D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific… | |||
| CVE-2023-32147 | 0.00 | — | 0.02 | May 3, 2024 | D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this… | |||
| CVE-2023-32146 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit… | |||
| CVE-2023-32145 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The… | |||
| CVE-2023-32144 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to… | |||
| CVE-2023-32143 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this… | |||
| CVE-2023-32142 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this… | |||
| CVE-2023-32141 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit… | |||
| CVE-2023-32140 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit… | |||
| CVE-2023-32139 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this… | |||
| CVE-2023-32138 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this… | |||
| CVE-2023-32137 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to… | |||
| CVE-2023-32136 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this… | |||
| CVE-2023-41222 | 0.00 | — | 0.01 | May 3, 2024 | D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit… | |||
| CVE-2023-51631 | 0.00 | — | 0.01 | May 1, 2024 | D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit… | |||
| CVE-2024-33345 | 0.00 | — | 0.01 | Apr 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-33342 | 0.00 | — | 0.02 | Apr 26, 2024 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. | |||
| CVE-2024-27683 | 0.00 | — | 0.01 | Mar 21, 2024 | D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify. | |||
| CVE-2024-27684 | 0.00 | — | 0.01 | Mar 4, 2024 | A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||
| CVE-2024-27655 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||
| CVE-2024-27658 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-27656 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||
| CVE-2024-27657 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||
| CVE-2024-27662 | 0.00 | — | 0.00 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-27661 | 0.00 | — | 0.00 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-27660 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-27659 | 0.00 | — | 0.01 | Feb 29, 2024 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2024-1786 | 0.00 | — | 0.03 | Feb 23, 2024 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow.… | |||
| CVE-2023-24331 | 0.00 | — | 0.02 | Feb 21, 2024 | Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter. | |||
| CVE-2023-24330 | 0.00 | — | 0.01 | Feb 21, 2024 | Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/. | |||
| CVE-2024-24321 | 0.00 | — | 0.02 | Feb 8, 2024 | An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. | |||
| CVE-2024-22852 | 0.00 | — | 0.01 | Feb 6, 2024 | D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | |||
| CVE-2024-22751 | 0.00 | — | 0.01 | Jan 24, 2024 | D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function. | |||
| CVE-2024-22916 | 0.00 | — | 0.01 | Jan 16, 2024 | In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow. | |||
| CVE-2023-51987 | 0.00 | — | 0.01 | Jan 11, 2024 | D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | |||
| CVE-2023-41603 | 0.00 | — | 0.00 | Jan 10, 2024 | D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6. | |||
| CVE-2023-7163 | 0.00 | — | 0.02 | Dec 28, 2023 | A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory… | |||
| CVE-2023-49004 | 0.00 | — | 0.02 | Dec 19, 2023 | An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter. | |||
| CVE-2023-6581 | 0.00 | — | 0.04 | Dec 7, 2023 | A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and… | |||
| CVE-2023-6580 | 0.00 | — | 0.02 | Dec 7, 2023 | A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to… | |||
| CVE-2023-46033 | 0.00 | — | 0.00 | Oct 19, 2023 | D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control. | |||
| CVE-2023-44694 | 0.00 | — | 0.01 | Oct 17, 2023 | D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php. | |||
| CVE-2023-44808 | 0.00 | — | 0.01 | Oct 16, 2023 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. | |||
| CVE-2023-44809 | 0.00 | — | 0.01 | Oct 16, 2023 | D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. | |||
| CVE-2023-45208 | 0.00 | — | 0.01 | Oct 10, 2023 | A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafted SSID.… |
- CVE-2023-32153May 3, 2024risk 0.00cvss —epss 0.23
D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…
- CVE-2023-32152May 3, 2024risk 0.00cvss —epss 0.27
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific…
- CVE-2023-32151May 3, 2024risk 0.00cvss —epss 0.02
D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…
- CVE-2023-32150May 3, 2024risk 0.00cvss —epss 0.23
D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…
- CVE-2023-32149May 3, 2024risk 0.00cvss —epss 0.01
D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to…
- CVE-2023-32148May 3, 2024risk 0.00cvss —epss 0.27
D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific…
- CVE-2023-32147May 3, 2024risk 0.00cvss —epss 0.02
D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…
- CVE-2023-32146May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…
- CVE-2023-32145May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The…
- CVE-2023-32144May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to…
- CVE-2023-32143May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…
- CVE-2023-32142May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…
- CVE-2023-32141May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…
- CVE-2023-32140May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…
- CVE-2023-32139May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…
- CVE-2023-32138May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…
- CVE-2023-32137May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to…
- CVE-2023-32136May 3, 2024risk 0.00cvss —epss 0.01
D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…
- CVE-2023-41222May 3, 2024risk 0.00cvss —epss 0.01
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit…
- CVE-2023-51631May 1, 2024risk 0.00cvss —epss 0.01
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit…
- CVE-2024-33345Apr 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-33342Apr 26, 2024risk 0.00cvss —epss 0.02
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.
- CVE-2024-27683Mar 21, 2024risk 0.00cvss —epss 0.01
D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify.
- CVE-2024-27684Mar 4, 2024risk 0.00cvss —epss 0.01
A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
- CVE-2024-27655Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
- CVE-2024-27658Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-27656Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
- CVE-2024-27657Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
- CVE-2024-27662Feb 29, 2024risk 0.00cvss —epss 0.00
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-27661Feb 29, 2024risk 0.00cvss —epss 0.00
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-27660Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-27659Feb 29, 2024risk 0.00cvss —epss 0.01
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2024-1786Feb 23, 2024risk 0.00cvss —epss 0.03
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow.…
- CVE-2023-24331Feb 21, 2024risk 0.00cvss —epss 0.02
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter.
- CVE-2023-24330Feb 21, 2024risk 0.00cvss —epss 0.01
Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/.
- CVE-2024-24321Feb 8, 2024risk 0.00cvss —epss 0.02
An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.
- CVE-2024-22852Feb 6, 2024risk 0.00cvss —epss 0.01
D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload.
- CVE-2024-22751Jan 24, 2024risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function.
- CVE-2024-22916Jan 16, 2024risk 0.00cvss —epss 0.01
In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow.
- CVE-2023-51987Jan 11, 2024risk 0.00cvss —epss 0.01
D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.
- CVE-2023-41603Jan 10, 2024risk 0.00cvss —epss 0.00
D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.
- CVE-2023-7163Dec 28, 2023risk 0.00cvss —epss 0.02
A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory…
- CVE-2023-49004Dec 19, 2023risk 0.00cvss —epss 0.02
An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.
- CVE-2023-6581Dec 7, 2023risk 0.00cvss —epss 0.04
A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and…
- CVE-2023-6580Dec 7, 2023risk 0.00cvss —epss 0.02
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to…
- CVE-2023-46033Oct 19, 2023risk 0.00cvss —epss 0.00
D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control.
- CVE-2023-44694Oct 17, 2023risk 0.00cvss —epss 0.01
D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php.
- CVE-2023-44808Oct 16, 2023risk 0.00cvss —epss 0.01
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
- CVE-2023-44809Oct 16, 2023risk 0.00cvss —epss 0.01
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
- CVE-2023-45208Oct 10, 2023risk 0.00cvss —epss 0.01
A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafted SSID.…
Page 27 of 37