Vendor CVEs
Dlink
All CVEs
1,843 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-43197 | 0.00 | — | 0.01 | Sep 20, 2023 | D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function. | |||
| CVE-2023-43207 | 0.00 | — | 0.02 | Sep 20, 2023 | D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands via the configRestore parameter. | |||
| CVE-2023-39638 | 0.00 | — | 0.03 | Sep 14, 2023 | D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin. | |||
| CVE-2023-39637 | 0.00 | — | 0.02 | Sep 12, 2023 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. | |||
| CVE-2020-19318 | 0.00 | — | 0.01 | Sep 11, 2023 | Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program. | |||
| CVE-2020-19323 | 0.00 | — | 0.01 | Sep 11, 2023 | An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required | |||
| CVE-2020-19319 | 0.00 | — | 0.01 | Sep 11, 2023 | Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login. | |||
| CVE-2020-19320 | 0.00 | — | 0.01 | Sep 11, 2023 | Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login. | |||
| CVE-2023-4711 | 0.00 | — | 0.06 | Sep 1, 2023 | A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be… | |||
| CVE-2023-39749 | 0.00 | — | 0.01 | Aug 21, 2023 | D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request. | |||
| CVE-2023-39665 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter. | |||
| CVE-2023-39671 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. | |||
| CVE-2023-39674 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. | |||
| CVE-2023-39668 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function. | |||
| CVE-2023-39669 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. | |||
| CVE-2023-39666 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. | |||
| CVE-2023-39667 | 0.00 | — | 0.01 | Aug 18, 2023 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function. | |||
| CVE-2023-36092 | 0.00 | — | 0.01 | Jul 31, 2023 | Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||
| CVE-2023-36089 | 0.00 | — | 0.01 | Jul 31, 2023 | Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||
| CVE-2023-36091 | 0.00 | — | 0.01 | Jul 31, 2023 | Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||
| CVE-2023-36090 | 0.00 | — | 0.01 | Jul 31, 2023 | Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||
| CVE-2023-37758 | 0.00 | — | 0.01 | Jul 18, 2023 | D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. | |||
| CVE-2023-26616 | 0.00 | — | 0.01 | Jun 29, 2023 | D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | |||
| CVE-2023-26612 | 0.00 | — | 0.01 | Jun 29, 2023 | D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | |||
| CVE-2023-32224 | 0.00 | — | 0.01 | Jun 28, 2023 | D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts | |||
| CVE-2023-32222 | 0.00 | — | 0.02 | Jun 28, 2023 | D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method. | |||
| CVE-2023-26615 | 0.00 | — | 0.01 | Jun 28, 2023 | D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password. | |||
| CVE-2023-32223 | 0.00 | — | 0.02 | Jun 28, 2023 | D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method. | |||
| CVE-2023-33626 | 0.00 | — | 0.02 | Jun 12, 2023 | D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary. | |||
| CVE-2023-34856 | 0.00 | — | 0.01 | Jun 9, 2023 | A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi. | |||
| CVE-2023-31814 | 0.00 | — | 0.01 | May 23, 2023 | D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. | |||
| CVE-2023-29961 | 0.00 | — | 0.01 | May 16, 2023 | D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup, | |||
| CVE-2023-29856 | 0.00 | — | 0.01 | May 2, 2023 | D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary. | |||
| CVE-2023-30061 | 0.00 | — | 0.01 | May 1, 2023 | D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi. | |||
| CVE-2023-30063 | 0.00 | — | 0.01 | May 1, 2023 | D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass. | |||
| CVE-2023-29665 | 0.00 | — | 0.01 | Apr 17, 2023 | D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings. | |||
| CVE-2023-27719 | 0.00 | — | 0.01 | Apr 9, 2023 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27718 | 0.00 | — | 0.01 | Apr 9, 2023 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27720 | 0.00 | — | 0.01 | Apr 9, 2023 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-24799 | 0.00 | — | 0.01 | Apr 7, 2023 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-24800 | 0.00 | — | 0.01 | Apr 7, 2023 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-24798 | 0.00 | — | 0.01 | Apr 7, 2023 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-24797 | 0.00 | — | 0.01 | Apr 7, 2023 | D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-26925 | 0.00 | — | 0.01 | Mar 31, 2023 | An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information. | |||
| CVE-2022-43625 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43631 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43632 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-3210 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP… | |||
| CVE-2022-43648 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 1.20B03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MiniDLNA service. The issue results from… | |||
| CVE-2022-43643 | 0.00 | — | 0.02 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service,… |
- CVE-2023-43197Sep 20, 2023risk 0.00cvss —epss 0.01
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.
- CVE-2023-43207Sep 20, 2023risk 0.00cvss —epss 0.02
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands via the configRestore parameter.
- CVE-2023-39638Sep 14, 2023risk 0.00cvss —epss 0.03
D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.
- CVE-2023-39637Sep 12, 2023risk 0.00cvss —epss 0.02
D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.
- CVE-2020-19318Sep 11, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
- CVE-2020-19323Sep 11, 2023risk 0.00cvss —epss 0.01
An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required
- CVE-2020-19319Sep 11, 2023risk 0.00cvss —epss 0.01
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.
- CVE-2020-19320Sep 11, 2023risk 0.00cvss —epss 0.01
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.
- CVE-2023-4711Sep 1, 2023risk 0.00cvss —epss 0.06
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be…
- CVE-2023-39749Aug 21, 2023risk 0.00cvss —epss 0.01
D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request.
- CVE-2023-39665Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter.
- CVE-2023-39671Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.
- CVE-2023-39674Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.
- CVE-2023-39668Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function.
- CVE-2023-39669Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.
- CVE-2023-39666Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.
- CVE-2023-39667Aug 18, 2023risk 0.00cvss —epss 0.01
D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function.
- CVE-2023-36092Jul 31, 2023risk 0.00cvss —epss 0.01
Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- CVE-2023-36089Jul 31, 2023risk 0.00cvss —epss 0.01
Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- CVE-2023-36091Jul 31, 2023risk 0.00cvss —epss 0.01
Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- CVE-2023-36090Jul 31, 2023risk 0.00cvss —epss 0.01
Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- CVE-2023-37758Jul 18, 2023risk 0.00cvss —epss 0.01
D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.
- CVE-2023-26616Jun 29, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
- CVE-2023-26612Jun 29, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
- CVE-2023-32224Jun 28, 2023risk 0.00cvss —epss 0.01
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts
- CVE-2023-32222Jun 28, 2023risk 0.00cvss —epss 0.02
D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method.
- CVE-2023-26615Jun 28, 2023risk 0.00cvss —epss 0.01
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
- CVE-2023-32223Jun 28, 2023risk 0.00cvss —epss 0.02
D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.
- CVE-2023-33626Jun 12, 2023risk 0.00cvss —epss 0.02
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.
- CVE-2023-34856Jun 9, 2023risk 0.00cvss —epss 0.01
A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi.
- CVE-2023-31814May 23, 2023risk 0.00cvss —epss 0.01
D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.
- CVE-2023-29961May 16, 2023risk 0.00cvss —epss 0.01
D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,
- CVE-2023-29856May 2, 2023risk 0.00cvss —epss 0.01
D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.
- CVE-2023-30061May 1, 2023risk 0.00cvss —epss 0.01
D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.
- CVE-2023-30063May 1, 2023risk 0.00cvss —epss 0.01
D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.
- CVE-2023-29665Apr 17, 2023risk 0.00cvss —epss 0.01
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
- CVE-2023-27719Apr 9, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27718Apr 9, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27720Apr 9, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-24799Apr 7, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-24800Apr 7, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-24798Apr 7, 2023risk 0.00cvss —epss 0.01
D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-24797Apr 7, 2023risk 0.00cvss —epss 0.01
D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-26925Mar 31, 2023risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information.
- CVE-2022-43625Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43631Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43632Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-3210Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP…
- CVE-2022-43648Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 1.20B03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MiniDLNA service. The issue results from…
- CVE-2022-43643Mar 29, 2023risk 0.00cvss —epss 0.02
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service,…
Page 29 of 37