Vendor CVEs
Dlink
All CVEs
1,843 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-43644 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service,… | |||
| CVE-2022-43626 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43619 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43628 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43629 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43647 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP… | |||
| CVE-2022-43621 | 0.00 | — | 0.02 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue… | |||
| CVE-2022-43620 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue… | |||
| CVE-2022-43633 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43642 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd service,… | |||
| CVE-2022-43622 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web… | |||
| CVE-2022-43630 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web… | |||
| CVE-2022-43624 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43623 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43627 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw… | |||
| CVE-2022-43646 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Vimeo plugin for the xupnpd service,… | |||
| CVE-2022-43645 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, which… | |||
| CVE-2023-25281 | 0.00 | — | 0.01 | Mar 16, 2023 | A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | |||
| CVE-2023-25282 | 0.00 | — | 0.01 | Mar 15, 2023 | A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | |||
| CVE-2023-24762 | 0.00 | — | 0.03 | Mar 13, 2023 | OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1. | |||
| CVE-2023-25283 | 0.00 | — | 0.01 | Mar 13, 2023 | A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | |||
| CVE-2023-24349 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. | |||
| CVE-2023-24348 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. | |||
| CVE-2023-24351 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. | |||
| CVE-2023-24350 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. | |||
| CVE-2023-24346 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. | |||
| CVE-2023-24343 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. | |||
| CVE-2023-24344 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. | |||
| CVE-2023-24345 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. | |||
| CVE-2023-24347 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. | |||
| CVE-2023-24352 | 0.00 | — | 0.01 | Feb 10, 2023 | D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. | |||
| CVE-2022-47035 | 0.00 | — | 0.01 | Jan 31, 2023 | Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint. | |||
| CVE-2022-40717 | 0.00 | — | 0.01 | Jan 26, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by… | |||
| CVE-2022-40718 | 0.00 | — | 0.01 | Jan 26, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by… | |||
| CVE-2022-40719 | 0.00 | — | 0.01 | Jan 26, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the… | |||
| CVE-2022-40720 | 0.00 | — | 0.01 | Jan 26, 2023 | This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd… | |||
| CVE-2022-46475 | 0.00 | — | 0.10 | Jan 17, 2023 | D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function. | |||
| CVE-2022-46560 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. | |||
| CVE-2022-46569 | 0.00 | — | 0.02 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. | |||
| CVE-2022-46563 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. | |||
| CVE-2022-46562 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. | |||
| CVE-2022-46568 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. | |||
| CVE-2022-46566 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. | |||
| CVE-2022-46561 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. | |||
| CVE-2022-46570 | 0.00 | — | 0.01 | Dec 23, 2022 | D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. | |||
| CVE-2022-46076 | 0.00 | — | 0.01 | Dec 20, 2022 | D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi. | |||
| CVE-2022-38873 | 0.00 | — | 0.00 | Dec 20, 2022 | D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta… | |||
| CVE-2022-44929 | 0.00 | — | 0.01 | Dec 2, 2022 | An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. | |||
| CVE-2022-44202 | 0.00 | — | 0.01 | Nov 22, 2022 | D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. | |||
| CVE-2022-44807 | 0.00 | — | 0.01 | Nov 22, 2022 | D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. |
- CVE-2022-43644Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service,…
- CVE-2022-43626Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43619Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43628Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43629Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43647Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP…
- CVE-2022-43621Mar 29, 2023risk 0.00cvss —epss 0.02
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue…
- CVE-2022-43620Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue…
- CVE-2022-43633Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43642Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd service,…
- CVE-2022-43622Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web…
- CVE-2022-43630Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web…
- CVE-2022-43624Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43623Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43627Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw…
- CVE-2022-43646Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Vimeo plugin for the xupnpd service,…
- CVE-2022-43645Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, which…
- CVE-2023-25281Mar 16, 2023risk 0.00cvss —epss 0.01
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
- CVE-2023-25282Mar 15, 2023risk 0.00cvss —epss 0.01
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.
- CVE-2023-24762Mar 13, 2023risk 0.00cvss —epss 0.03
OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1.
- CVE-2023-25283Mar 13, 2023risk 0.00cvss —epss 0.01
A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.
- CVE-2023-24349Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute.
- CVE-2023-24348Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter.
- CVE-2023-24351Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin.
- CVE-2023-24350Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.
- CVE-2023-24346Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3.
- CVE-2023-24343Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule.
- CVE-2023-24344Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup.
- CVE-2023-24345Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.
- CVE-2023-24347Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus.
- CVE-2023-24352Feb 10, 2023risk 0.00cvss —epss 0.01
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS.
- CVE-2022-47035Jan 31, 2023risk 0.00cvss —epss 0.01
Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint.
- CVE-2022-40717Jan 26, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…
- CVE-2022-40718Jan 26, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by…
- CVE-2022-40719Jan 26, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the…
- CVE-2022-40720Jan 26, 2023risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd…
- CVE-2022-46475Jan 17, 2023risk 0.00cvss —epss 0.10
D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.
- CVE-2022-46560Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module.
- CVE-2022-46569Dec 23, 2022risk 0.00cvss —epss 0.02
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module.
- CVE-2022-46563Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module.
- CVE-2022-46562Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module.
- CVE-2022-46568Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.
- CVE-2022-46566Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module.
- CVE-2022-46561Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module.
- CVE-2022-46570Dec 23, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module.
- CVE-2022-46076Dec 20, 2022risk 0.00cvss —epss 0.01
D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.
- CVE-2022-38873Dec 20, 2022risk 0.00cvss —epss 0.00
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta…
- CVE-2022-44929Dec 2, 2022risk 0.00cvss —epss 0.01
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.
- CVE-2022-44202Nov 22, 2022risk 0.00cvss —epss 0.01
D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.
- CVE-2022-44807Nov 22, 2022risk 0.00cvss —epss 0.01
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.
Page 30 of 37