D-Link Security Vulnerabilities

CVE-2023-27720

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

CVSS 9.8 | AI Score 9.7 | EPSS 0.002 | 2023-04-09 09:15 PM

CVE-2023-29665

D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.

CVSS 9.8 | AI Score 9.6 | EPSS 0.002 | 2023-04-17 04:15 PM

CVE-2023-29856

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in the scandir.sgi binary.

CVSS 9.8 | AI Score 9.3 | EPSS 0.002 | 2023-05-02 03:15 PM

CVE-2023-29961

D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,

CVSS 9.8 | AI Score 9.5 | EPSS 0.002 | 2023-05-16 01:15 AM

CVE-2023-30061

D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.

CVSS 7.5 | AI Score 7.5 | EPSS 0.002 | 2023-05-01 02:15 PM

CVE-2023-30063

D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.

CVSS 7.5 | AI Score 7.5 | EPSS 0.002 | 2023-05-01 02:15 PM

CVE-2023-31814

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.

CVSS 9.8 | AI Score 9.4 | EPSS 0.003 | 2023-05-23 01:15 AM

CVE-2023-32222

D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-06-28 09:15 PM

CVE-2023-32223

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.

CVSS 8.8 | AI Score 8.9 | EPSS 0.001 | 2023-06-28 09:15 PM

CVE-2023-32224

D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-06-28 09:15 PM

CVE-2023-33625

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.

CVSS 9.8 | AI Score 9.8 | EPSS 0.001 | 2023-06-12 08:15 PM

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.

CVSS 9.8 | AI Score 9.6 | EPSS 0.003 | 2023-06-12 08:15 PM

CVE-2023-33735

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.

CVSS 9.8 | AI Score 9.6 | EPSS 0.009 | 2023-05-31 08:15 PM

CVE-2023-33781

An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file.

CVSS 8.8 | AI Score 8.8 | EPSS 0.003 | 2023-06-07 01:15 AM

CVE-2023-33782

D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function.

CVSS 8.8 | AI Score 8.9 | EPSS 0.002 | 2023-06-07 01:15 AM

CVE-2023-34800

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.

CVSS 9.8 | AI Score 9.7 | EPSS 0.002 | 2023-06-15 09:15 PM

CVE-2023-34856

A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi.

CVSS 5.4 | AI Score 5.4 | EPSS 0.001 | 2023-06-09 08:15 PM

CVE-2023-36089

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-07-31 02:15 PM

CVE-2023-36090

Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-07-31 02:15 PM

CVE-2023-36091

Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-07-31 02:15 PM

CVE-2023-36092

Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-07-31 02:15 PM

CVE-2023-37758

D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.

CVSS 7.5 | AI Score 7.8 | EPSS 0.001 | 2023-07-18 07:15 PM

CVE-2023-37791

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-07-17 07:15 PM

CVE-2023-39637

D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-09-12 12:15 PM

CVE-2023-39638

D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 were discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-09-14 10:15 PM

CVE-2023-39665

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39666

D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39667

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39668

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39669

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.

CVSS 7.5 | AI Score 7.5 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39671

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39674

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-08-18 03:15 AM

CVE-2023-39749

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-08-21 03:15 AM

CVE-2023-39750

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-08-21 03:15 AM

CVE-2023-41603

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6.

CVSS 5.3 | AI Score 5.3 | EPSS 0.002 | 2024-01-10 08:15 AM

CVE-2023-42406

SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a remote attacker to obtain sensitive information and execute arbitrary code via the editrole.php component.

CVSS 9.8 | AI Score 9.5 | EPSS 0.007 | 2023-10-26 10:15 PM

CVE-2023-43128

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of HTTP_ST parameters.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-21 11:15 PM

CVE-2023-43129

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTE_PORT parameters.

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-09-22 11:15 PM

CVE-2023-43130

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-22 11:15 PM

CVE-2023-43196

D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43197

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43198

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43199

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43200

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the id parameter in the yyxz.data function.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43201

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the hi_up parameter in the qos_ext.asp function.

CVSS 9.8 | AI Score 9.6 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43202

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter.

CVSS 9.8 | AI Score 9.9 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43203

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users.

CVSS 9.8 | AI Score 9.5 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43204

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter.

CVSS 9.8 | AI Score 9.9 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43206

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler. This vulnerability allows attackers to execute arbitrary commands via the certDownload parameter.

CVSS 9.8 | AI Score 9.9 | EPSS 0.001 | 2023-09-20 02:15 PM

CVE-2023-43207

D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands via the configRestore parameter.

CVSS 9.8 | AI Score 9.9 | EPSS 0.001 | 2023-09-20 02:15 PM

Total number of security vulnerabilities: 787