CVE-2025-60344

A path traversal directory traversal vulnerability in D-Link DSR series routers allows unauthenticated remote attackers to manipulate input parameters used for file or directory path resolution e.g., via sequences such as “../”. Successful exploitation may allow access to files outside of the...

CVE-2025-60344

A path traversal directory traversal vulnerability in D-Link DSR series routers allows unauthenticated remote attackers to manipulate input parameters used for file or directory path resolution e.g., via sequences such as “../”. Successful exploitation may allow access to files outside of the...

D-Link DSR-150 安全漏洞

D-Link DSR-150 is a Unified Services Router from China AUO D-Link. A security vulnerability exists in the D-Link DSR-150 v1.09B32WWW, which stems from an unauthenticated local file inclusion vulnerability that could allow a remote attacker to gain access to sensitive configuration files in...

D-Link多款产品 安全漏洞

The D-Link DSR-250N, among others, is a Unified Services Router from China-based AUO D-Link. A security vulnerability exists in various D-Link products. An attacker exploiting the vulnerability can remotely execute code. The following products are affected: DSR-150, DSR-150N, DSR-250, DSR-250N,...

PT-2025-3435 · D Link · Dsr-250 +4

Name of the Vulnerable Software and Affected Versions: D-Link DSR-150 versions 3.13 through 3.17B901C D-Link DSR-150N versions 3.13 through 3.17B901C D-Link DSR-250 versions 3.13 through 3.17B901C D-Link DSR-250N versions 3.13 through 3.17B901C D-Link DSR-500N versions 3.13 through 3.17B901C D-Li...

CVE-2020-25757

A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17...

CVE-2013-5945

CVE-2013-5945 affects D-Link DSR router series (DSR-150, DSR-150N, DSR-250/250N, DSR-500/500N, DSR-1000/1000N). Vulnerable component: login.authenticate (share/lua/5.1/teamf1lualib/login.lua) and captivePortal.lua; root cause is SQL injection via the Users.Password parameter. Impact: remote attac...

D-Link DSR Router Series - Remote Root Shell Exploit

No description provided by source. !/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N...

CVE-2013-7005

CVE-2013-7005 affects D-Link DSR router series (DSR-150, DSR-150N, DSR-250/250N, DSR-500/500N, DSR-1000/1000N). Firmware versions before listed fixes store account passwords in cleartext in /tmp/teamf1.cfg.ascii, exposing them to local users who can read the Password fields. Affected firmware: DS...

CVE-2013-5946

The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allows remote attackers to execute...

PT-2013-1294 · D Link · Dsr-500N +6

Name of the Vulnerable Software and Affected Versions: D-Link DSR-150 versions prior to 1.08B44 D-Link DSR-150N versions prior to 1.05B64 D-Link DSR-250 versions prior to 1.08B44 D-Link DSR-250N versions prior to 1.08B44 D-Link DSR-500 versions prior to 1.08B77 D-Link DSR-500N versions prior to...