Dir-645 Firmware Security Vulnerabilities and Issues — Dir-645 Firmware CVE List

Lucene search

DlinkDir-645 Firmware

10 matches found

CVE•added 2015/02/23 5:59 p.m.•1031 views

CVE-2015-2051

The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

10CVSS9.5AI score0.89008EPSS

CVE•added 2019/06/11 9:29 p.m.•111 views

CVE-2013-7471

An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element ...

9.8CVSS9.6AI score0.26614EPSS

CVE•added 2022/03/31 9:15 p.m.•71 views

CVE-2021-43722

D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size.

9.8CVSS9.4AI score0.01359EPSS

CVE•added 2022/06/27 10:15 p.m.•59 views

CVE-2022-32092

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.

9.8CVSS9.8AI score0.2247EPSS

CVE•added 2014/07/07 2:55 p.m.•54 views

CVE-2013-7389

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter ...

4.3CVSS6AI score0.86483EPSS

CVE•added 2023/07/31 2:15 p.m.•50 views

CVE-2023-36089

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

9.8CVSS9.5AI score0.00377EPSS

CVE•added 2015/02/23 5:59 p.m.•45 views

CVE-2015-2052

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.

10CVSS9AI score0.11647EPSS

CVE•added 2023/01/17 9:15 p.m.•43 views

CVE-2022-46475

D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.

9.8CVSS9.6AI score0.282EPSS

CVE•added 2020/09/19 8:15 p.m.•38 views

CVE-2020-25786

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet...

6.1CVSS6AI score0.00458EPSS

CVE•added 2025/07/08 8:15 p.m.•8 views

CVE-2025-7192

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed t...

8.8CVSS6.8AI score0.00089EPSS