VYPR

Vendor CVEs

Dlink

All CVEs

1,843 total · sorted by risk
  • CVE-2023-32153May 3, 2024
    risk 0.00cvss epss 0.23

    D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…

  • CVE-2023-32152May 3, 2024
    risk 0.00cvss epss 0.27

    D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific…

  • CVE-2023-32151May 3, 2024
    risk 0.00cvss epss 0.02

    D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…

  • CVE-2023-32150May 3, 2024
    risk 0.00cvss epss 0.23

    D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…

  • CVE-2023-32149May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to…

  • CVE-2023-32148May 3, 2024
    risk 0.00cvss epss 0.27

    D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific…

  • CVE-2023-32147May 3, 2024
    risk 0.00cvss epss 0.02

    D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this…

  • CVE-2023-32146May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…

  • CVE-2023-32145May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The…

  • CVE-2023-32144May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to…

  • CVE-2023-32143May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…

  • CVE-2023-32142May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…

  • CVE-2023-32141May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…

  • CVE-2023-32140May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit…

  • CVE-2023-32139May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…

  • CVE-2023-32138May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…

  • CVE-2023-32137May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to…

  • CVE-2023-32136May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this…

  • CVE-2023-41222May 3, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit…

  • CVE-2023-51631May 1, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit…

  • CVE-2024-33345Apr 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-33342Apr 26, 2024
    risk 0.00cvss epss 0.02

    D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

  • CVE-2024-27683Mar 21, 2024
    risk 0.00cvss epss 0.01

    D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify.

  • CVE-2024-27684Mar 4, 2024
    risk 0.00cvss epss 0.01

    A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

  • CVE-2024-27655Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

  • CVE-2024-27658Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27656Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

  • CVE-2024-27657Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.

  • CVE-2024-27662Feb 29, 2024
    risk 0.00cvss epss 0.00

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27661Feb 29, 2024
    risk 0.00cvss epss 0.00

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27660Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-27659Feb 29, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-1786Feb 23, 2024
    risk 0.00cvss epss 0.03

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow.…

  • CVE-2023-24331Feb 21, 2024
    risk 0.00cvss epss 0.02

    Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter.

  • CVE-2023-24330Feb 21, 2024
    risk 0.00cvss epss 0.01

    Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/.

  • CVE-2024-24321Feb 8, 2024
    risk 0.00cvss epss 0.02

    An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.

  • CVE-2024-22852Feb 6, 2024
    risk 0.00cvss epss 0.01

    D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload.

  • CVE-2024-22751Jan 24, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function.

  • CVE-2024-22916Jan 16, 2024
    risk 0.00cvss epss 0.01

    In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow.

  • CVE-2023-51987Jan 11, 2024
    risk 0.00cvss epss 0.01

    D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.

  • CVE-2023-41603Jan 10, 2024
    risk 0.00cvss epss 0.00

    D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

  • CVE-2023-7163Dec 28, 2023
    risk 0.00cvss epss 0.02

    A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory…

  • CVE-2023-49004Dec 19, 2023
    risk 0.00cvss epss 0.02

    An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.

  • CVE-2023-6581Dec 7, 2023
    risk 0.00cvss epss 0.04

    A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and…

  • CVE-2023-6580Dec 7, 2023
    risk 0.00cvss epss 0.02

    A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to…

  • CVE-2023-46033Oct 19, 2023
    risk 0.00cvss epss 0.00

    D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control.

  • CVE-2023-44694Oct 17, 2023
    risk 0.00cvss epss 0.01

    D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php.

  • CVE-2023-44808Oct 16, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.

  • CVE-2023-44809Oct 16, 2023
    risk 0.00cvss epss 0.01

    D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.

  • CVE-2023-45208Oct 10, 2023
    risk 0.00cvss epss 0.01

    A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafted SSID.…

Page 27 of 37