CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 9:21 a.m.•5 views

CVE-2021-27250

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When...

6.5CVSS5.7AI score0.72718EPSS

RedhatCVE•added 2026/01/09 8:53 a.m.•3 views

CVE-2021-27249

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue result...

8.8CVSS7.1AI score0.05801EPSS

RedhatCVE•added 2026/01/09 8:53 a.m.•20 views

CVE-2021-27248

8.8CVSS7.1AI score0.0204EPSS

RedhatCVE•added 2026/01/07 9:29 a.m.•5 views

CVE-2019-12767

An issue was discovered on D-Link DAP-1650 devices before 1.04B02J65H Hot Fix. Attackers can execute arbitrary commands...

9.8CVSS7.7AI score0.00941EPSS

RedhatCVE•added 2026/01/07 9:11 a.m.•8 views

CVE-2025-1538

A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function setwsaction of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and m...

9CVSS7AI score0.00174EPSS

OSV•added 2025/12/16 6:16 p.m.•2 views

CVE-2023-53896

D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-bin/ExportSettings.sh endpoint to retrieve sensitive configuration informatio...

8.7CVSS7.3AI score0.00202EPSS

NVD•added 2025/12/16 6:16 p.m.•1 views

CVE-2023-53896

8.7CVSS0.00202EPSS

CVE•added 2025/12/16 5:6 p.m.•6 views

CVE-2023-53896

CVE-2023-53896 affects D-Link DAP-1325 firmware 1.01. The Red Hat/NVD/CVE entries describe a broken access control that allows unauthenticated retrieval of device configuration settings via /cgi-bin/ExportSettings.sh, enabling disclosure of sensitive configuration data. The issue is rooted in acc...

8.7CVSS6.4AI score0.00202EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/12/16 5:6 p.m.•2 views

CVE-2023-53896 D-Link DAP-1325 Hardware A1 Unauthenticated Configuration Download

8.7CVSS6.4AI score0.00202EPSS

EUVD•added 2025/12/16 5:6 p.m.•2 views

EUVD-2023-60194

8.7CVSS6.2AI score0.00202EPSS

Exploits1References4

CNNVD•added 2025/12/16 12:0 a.m.•1 views

D-Link DAP-1325 访问控制错误漏洞

The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link, which is primarily used to provide wireless network coverage and has a bridging function to convert a wired network to a wireless network or connect two wireless networks together. An access control error vulnerability...

8.7CVSS9.1AI score0.00202EPSS

RedhatCVE•added 2025/10/28 4:54 p.m.•2 views

CVE-2025-12295

A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature are...

8.1CVSS6.8AI score0.00233EPSS

RedhatCVE•added 2025/10/28 4:54 p.m.•1 views

CVE-2025-12296

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be...

9.8CVSS7AI score0.00133EPSS