VYPR

Vendor CVEs

Dlink

All CVEs

1,843 total · sorted by risk
  • CVE-2022-43644Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service,…

  • CVE-2022-43626Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43619Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43628Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43629Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43647Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP…

  • CVE-2022-43621Mar 29, 2023
    risk 0.00cvss epss 0.02

    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue…

  • CVE-2022-43620Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue…

  • CVE-2022-43633Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43642Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd service,…

  • CVE-2022-43622Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web…

  • CVE-2022-43630Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web…

  • CVE-2022-43624Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43623Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43627Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…

  • CVE-2022-43646Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Vimeo plugin for the xupnpd service,…

  • CVE-2022-43645Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, which…

  • CVE-2023-25281Mar 16, 2023
    risk 0.00cvss epss 0.01

    A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.

  • CVE-2023-25282Mar 15, 2023
    risk 0.00cvss epss 0.01

    A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.

  • CVE-2023-24762Mar 13, 2023
    risk 0.00cvss epss 0.03

    OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1.

  • CVE-2023-25283Mar 13, 2023
    risk 0.00cvss epss 0.01

    A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.

  • CVE-2023-24349Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute.

  • CVE-2023-24348Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter.

  • CVE-2023-24351Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin.

  • CVE-2023-24350Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.

  • CVE-2023-24346Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3.

  • CVE-2023-24343Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule.

  • CVE-2023-24344Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup.

  • CVE-2023-24345Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.

  • CVE-2023-24347Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus.

  • CVE-2023-24352Feb 10, 2023
    risk 0.00cvss epss 0.01

    D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS.

  • CVE-2022-47035Jan 31, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint.

  • CVE-2022-40717Jan 26, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…

  • CVE-2022-40718Jan 26, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…

  • CVE-2022-40719Jan 26, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the…

  • CVE-2022-40720Jan 26, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd…

  • CVE-2022-46475Jan 17, 2023
    risk 0.00cvss epss 0.10

    D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.

  • CVE-2022-46560Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module.

  • CVE-2022-46569Dec 23, 2022
    risk 0.00cvss epss 0.02

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module.

  • CVE-2022-46563Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module.

  • CVE-2022-46562Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module.

  • CVE-2022-46568Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.

  • CVE-2022-46566Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module.

  • CVE-2022-46561Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module.

  • CVE-2022-46570Dec 23, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module.

  • CVE-2022-46076Dec 20, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.

  • CVE-2022-38873Dec 20, 2022
    risk 0.00cvss epss 0.00

    D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta…

  • CVE-2022-44929Dec 2, 2022
    risk 0.00cvss epss 0.01

    An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.

  • CVE-2022-44202Nov 22, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.

  • CVE-2022-44807Nov 22, 2022
    risk 0.00cvss epss 0.01

    D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.

Page 30 of 37