896 matches found
CVE-2026-4377
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...
CVE-2026-42372
D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...
CVE-2026-42376
D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...
CVE-2026-11341 D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-11341
The CVE-2026-11341 affects the D-Link DWR-M920 series up to firmware 1.1.50. The vulnerability is in the function sub_412DA0 of /boafrm/formIMEISetup, where improper handling of the IMEI_value enables an OS command injection. What is vulnerable: the specific function and file path in the device’s...
CVE-2026-10878 D-Link DWR-M920 formSmsManage sub_41C8E8 command injection
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...
D-Link DWR-M920 命令注入漏洞
The D-Link DWR-M920 is a router produced by D-Link Corporation. Versions of the D-Link DWR-M920 prior to 1.1.50 contained a command injection vulnerability. This vulnerability stemmed from improper handling of the ussdValue parameter in the sub41CF20 function found in the /boafrm/formUSSDSetup...
EUVD-2026-32860
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...
CVE-2026-4377
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...
D-Link DWR-X1820 安全漏洞
The D-Link DWR-X1820 is a wireless router produced by D-Link Corporation. The D-Link DWR-X1820 has a security vulnerability. This vulnerability stems from the use of weak default passwords generated from the IMEI number, and no requirement is placed on users to change them. As a result, attackers...
CVE-2018-25358
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...
D-Link DIR-601 安全漏洞
The D-Link DIR-601 is a home wireless router produced by D-Link Corporation. The D-Link DIR-601 2.02NA version has a security vulnerability. This vulnerability arises from manipulating the tablename parameter in POST requests, which may allow unauthenticated attackers to retrieve sensitive...
CVE-2026-8346 D-Link DIR-816 portForward command injection
A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...
CVE-2026-8344
A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...
EUVD-2026-29113
D-Link DCS-932L v2.18.01 is vulnerable to Command Injection in the function sub42EF14 of the file /bin/alphapd. The manipulation of the argument LightSensorControl leads to command injection...
Exploit for CVE-2026-8260
CVE-2026-8260 Overview A buffer overflow vulnerability af...
CVE-2026-7857
A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...
CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow
A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...
D-Link DI-8100 缓冲区错误漏洞
The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer error vulnerability. This vulnerability arises from the function sprintf in the file yyxz.asp, where the handli...
CVE-2026-42374
D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...