Dir-620 Firmware Security Vulnerabilities and Issues — Dir-620 Firmware CVE List

Lucene search

D-linkDir-620 Firmware

9 matches found

CVE•added 2021/07/16 11:15 a.m.•80 views

CVE-2021-21816

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

6.5CVSS4.4AI score0.79551EPSS

CVE•added 2021/07/16 11:15 a.m.•71 views

CVE-2021-21819

A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.1CVSS7.8AI score0.01254EPSS

CVE•added 2021/07/16 11:15 a.m.•66 views

CVE-2021-21817

An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.

7.5CVSS7AI score0.02354EPSS

CVE•added 2021/07/16 11:15 a.m.•66 views

CVE-2021-21820

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

10CVSS9.5AI score0.02001EPSS

CVE•added 2021/07/16 11:15 a.m.•58 views

CVE-2021-21818

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.

7.5CVSS7.4AI score0.00638EPSS

CVE•added 2018/06/20 4:29 p.m.•49 views

CVE-2018-6213

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.

10CVSS9.5AI score0.03099EPSS

CVE•added 2018/06/20 4:29 p.m.•43 views

CVE-2018-6211

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.

9CVSS7.3AI score0.167EPSS

CVE•added 2021/09/23 3:15 p.m.•38 views

CVE-2021-21913

An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.

10CVSS9AI score0.00691EPSS

CVE•added 2018/06/20 4:29 p.m.•36 views

CVE-2018-6212

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of...

6.1CVSS6AI score0.00528EPSS