VYPR

Vendor CVEs

Dlink

All CVEs

1,843 total · sorted by risk
  • CVE-2023-43197Sep 20, 2023
    risk 0.00cvss epss 0.01

    D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.

  • CVE-2023-43207Sep 20, 2023
    risk 0.00cvss epss 0.02

    D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands via the configRestore parameter.

  • CVE-2023-39638Sep 14, 2023
    risk 0.00cvss epss 0.03

    D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.

  • CVE-2023-39637Sep 12, 2023
    risk 0.00cvss epss 0.02

    D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.

  • CVE-2020-19318Sep 11, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.

  • CVE-2020-19323Sep 11, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required

  • CVE-2020-19319Sep 11, 2023
    risk 0.00cvss epss 0.01

    Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.

  • CVE-2020-19320Sep 11, 2023
    risk 0.00cvss epss 0.01

    Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.

  • CVE-2023-4711Sep 1, 2023
    risk 0.00cvss epss 0.06

    A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be…

  • CVE-2023-39749Aug 21, 2023
    risk 0.00cvss epss 0.01

    D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request.

  • CVE-2023-39665Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter.

  • CVE-2023-39671Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.

  • CVE-2023-39674Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.

  • CVE-2023-39668Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function.

  • CVE-2023-39669Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.

  • CVE-2023-39666Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.

  • CVE-2023-39667Aug 18, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function.

  • CVE-2023-36092Jul 31, 2023
    risk 0.00cvss epss 0.01

    Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

  • CVE-2023-36089Jul 31, 2023
    risk 0.00cvss epss 0.01

    Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

  • CVE-2023-36091Jul 31, 2023
    risk 0.00cvss epss 0.01

    Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

  • CVE-2023-36090Jul 31, 2023
    risk 0.00cvss epss 0.01

    Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

  • CVE-2023-37758Jul 18, 2023
    risk 0.00cvss epss 0.01

    D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.

  • CVE-2023-26616Jun 29, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.

  • CVE-2023-26612Jun 29, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.

  • CVE-2023-32224Jun 28, 2023
    risk 0.00cvss epss 0.01

    D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts

  • CVE-2023-32222Jun 28, 2023
    risk 0.00cvss epss 0.02

    D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method.

  • CVE-2023-26615Jun 28, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.

  • CVE-2023-32223Jun 28, 2023
    risk 0.00cvss epss 0.02

    D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.

  • CVE-2023-33626Jun 12, 2023
    risk 0.00cvss epss 0.02

    D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.

  • CVE-2023-34856Jun 9, 2023
    risk 0.00cvss epss 0.01

    A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi.

  • CVE-2023-31814May 23, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.

  • CVE-2023-29961May 16, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,

  • CVE-2023-29856May 2, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.

  • CVE-2023-30061May 1, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.

  • CVE-2023-30063May 1, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.

  • CVE-2023-29665Apr 17, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.

  • CVE-2023-27719Apr 9, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-27718Apr 9, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-27720Apr 9, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-24799Apr 7, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-24800Apr 7, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-24798Apr 7, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-24797Apr 7, 2023
    risk 0.00cvss epss 0.01

    D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

  • CVE-2023-26925Mar 31, 2023
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information.

  • CVE-2022-43625Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43631Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43632Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-3210Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP…

  • CVE-2022-43648Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 1.20B03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MiniDLNA service. The issue results from…

  • CVE-2022-43643Mar 29, 2023
    risk 0.00cvss epss 0.02

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service,…

Page 29 of 37