Lucene search

Dir-865l Firmware Security Vulnerabilities

cve

CVE-2020-25786

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in...

6.1CVSS

6.1AI Score

0.001EPSS

2020-09-19 08:15 PM

cve

CVE-2020-13783

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive...

7.5CVSS

7.5AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13787

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive...

7.5CVSS

7.5AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13782

D-Link DIR-865L Ax 1.20B01 Beta devices allow Command...

8.8CVSS

7AI Score

0.004EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13786

D-Link DIR-865L Ax 1.20B01 Beta devices allow...

8.8CVSS

6.9AI Score

0.001EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13785

D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption...

7.5CVSS

6.8AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13784

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number...

7.5CVSS

7.4AI Score

0.007EPSS

2020-06-03 05:15 PM

cve

CVE-2019-20213

D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by...

7.5CVSS

7.4AI Score

0.002EPSS

2020-01-02 02:16 PM

cve

CVE-2019-17621

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local...

9.8CVSS

9.3AI Score

0.972EPSS

2019-12-30 05:15 PM

339

In Wild

cve

CVE-2013-4857

D-Link DIR-865L has PHP File Inclusion in the router xml...

9.8CVSS

7.4AI Score

0.008EPSS

2019-10-25 04:15 PM

cve

CVE-2013-4856

D-Link DIR-865L has Information...

6.5CVSS

7.4AI Score

0.001EPSS

2019-10-25 04:15 PM

cve

CVE-2013-4855

D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba...

8.8CVSS

7.3AI Score

0.001EPSS

2019-10-25 04:15 PM

cve

CVE-2018-6528

XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted...

6.1CVSS

6.1AI Score

0.002EPSS

2018-03-06 08:29 PM

cve

CVE-2018-6530

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L...

9.8CVSS

9.9AI Score

0.936EPSS

2018-03-06 08:29 PM

589

In Wild

cve

CVE-2018-6529

XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted...

6.1CVSS

6.1AI Score

0.002EPSS

2018-03-06 08:29 PM

cve

CVE-2018-6527

XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a...

6.1CVSS

6.1AI Score

0.002EPSS

2018-03-06 08:29 PM