896 matches found
CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials
D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...
CVE-2026-7247
CVE-2026-7247 affects D-Link DI-8100 firmware 16.07.26A1. The vulnerability is in the File Extension Handler’s file_exten.asp, specifically the function file_exten_asp, where manipulation of the Name argument causes a buffer overflow. This enables remote exploitation, with the exploit disclosed p...
PT-2026-35742
A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub 4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed ...
CVE-2026-7027
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
CVE-2026-7069
A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...
CVE-2026-7068 D-Link DIR-825 nmbd sserver.c NMBD_process buffer overflow
A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...
EUVD-2026-25701
A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013817)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013817 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011077)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011077 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of...
PT-2026-36836
Name of the Vulnerable Software and Affected Versions D-Link DIR-600L Hardware Revision A1 Description A hardcoded telnet backdoor exists in the device. At boot, the device starts a telnet daemon via the /bin/telnetd.sh script using the username "Alphanetworks" and a static password "wrgn35 dlwbr...
D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17630)
The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability is caused due to improper handling of the id parameter in the /saveparmusb.asp endpoint and can be exploited by an attacker to cause a denial of...
D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17657)
The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability is caused due to incorrect parameter boundary checking in the /yyxzdlink.asp endpoint and can be exploited by an attacker to cause a denial of servi...
CVE-2026-5981
A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has...
CVE-2025-50659
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the customerror parameter in the /user.asp endpoint...
CVE-2025-50672
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxzdlink.asp endpoint...
CVE-2025-50650
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routesstatic parameter in the /router.asp endpoint...
CVE-2026-6012 D-Link DIR-513 POST Request formSetPassword buffer overflow
A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out...
CVE-2025-45057
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45058
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingxasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-5982 D-Link DIR-605L POST Request formAdvNetwork buffer overflow
A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote exploitation of the attack is...