CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

D-Link DCS-5020L (firmware 1.01_B2) is affected by a buffer overflow in the function websReadEvent() of /rame/ptdc.cgi, caused by improper handling of the Authorization argument. This remote vulnerability can be triggered over the network and has been publicly disclosed; affected products are not...

9.8CVSS7.1AI score0.0085EPSS

Exploits1References6Affected Software1

RedhatCVE•added 2025/05/23 10:46 a.m.•5 views

CVE-2024-48630

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the MacAddress parameter in the SetMACFilters2 function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

8CVSS8.7AI score0.00253EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:23 a.m.•7 views

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

9.8CVSS7.9AI score0.02175EPSS

Exploits1

RedhatCVE•added 2025/05/23 3:27 a.m.•4 views

CVE-2023-34856

A Cross Site Scripting XSS vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /authpic.cgi...

5.4CVSS6.2AI score0.00096EPSS

Exploits1

RedhatCVE•added 2025/05/23 12:22 a.m.•5 views

CVE-2022-46563

D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module...

7.2CVSS7.8AI score0.01974EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:43 p.m.•1 views

CVE-2022-28932

D-Link DSL-G2452DG HW:T1\\tFW:ME2.00 was discovered to contain insecure permissions...

9.8CVSS7.4AI score0.00751EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:1 p.m.•5 views

CVE-2020-25079

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddnsenc.cgi allows authenticated command injection...

9CVSS6.9AI score0.41904EPSS

Exploits1

Positive Technologies•added 2025/05/22 12:0 a.m.•4 views

PT-2025-22944 · D Link · D-Link Dcs-5020L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-5020L version 1.01 B2 Description: A critical vulnerability has been found in the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the Authorization argument leads to a stack-based buffer overflow. It is...

9.8CVSS8.7AI score0.0085EPSS

Exploits1References17

Positive Technologies•added 2025/03/12 12:0 a.m.•2 views

PT-2025-22423

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description The issue allows a remote attacker to bypass administrator login authentication. This means an attacker can access the administrator account without providing the correct login credentials...

9.8CVSS6.7AI score0.00764EPSS

Exploits0References8

NVD•added 2024/09/04 1:15 p.m.•13 views

CVE-2024-44400

A vulnerability was discovered in DI8400-16.07.26A1, which has been classified as critical. This issue affects the upgradefilterasp function in the upgradefilter.asp file. Manipulation of the path parameter can lead to command injection...

9.8CVSS0.39883EPSS

Exploits1References2

Prion•added 2023/09/21 1:15 p.m.•13 views

Stack overflow

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

7.5CVSS9.6AI score0.02175EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2023/09/11 12:0 a.m.•3 views

PT-2023-11520 · D Link · Dlink 619L

Name of the Vulnerable Software and Affected Versions: DLINK 619L version B 2.06beta Description: A buffer overflow issue exists via the FILECODE parameter on login, which can be exploited. Recommendations: For DLINK 619L version B 2.06beta, avoid using the FILECODE parameter in the login process...

9.8CVSS9.5AI score0.00396EPSS

Exploits1References4