Skip to main content

Dap 2695 Firmware

9 CVEs product

Monthly

CVE-2025-12296 LOW POC Monitor

OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.

Command Injection D-Link Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-4860 MEDIUM POC Monitor

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2025-4859 MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2025-4858 MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2022-38873 HIGH POC This Week

D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dap 2310 Firmware Dap 2330 Firmware Dap 2360 Firmware +6
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-28840 HIGH POC This Week

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service Dap 2310 Firmware Dap 2330 Firmware +7
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-28839 HIGH POC This Week

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service Dap 2310 Firmware Dap 2330 Firmware +7
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-28838 HIGH POC This Week

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service Dap 2310 Firmware Dap 2330 Firmware +7
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2016-1558 CRITICAL PATCH Act Now

Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.9%.

Buffer Overflow D-Link Dap 3662 Firmware Dap 2310 Firmware Dap 2330 Firmware +7
NVD
CVSS 3.0
9.8
EPSS
14.9%
EPSS 0% CVSS 2.0
LOW POC Monitor

OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.

Command Injection D-Link Dap 2695 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dap 2310 Firmware +8
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service +9
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service +9
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service +9
NVD GitHub
EPSS 15% CVSS 9.8
CRITICAL PATCH Act Now

Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.9%.

Buffer Overflow D-Link Dap 3662 Firmware +9
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy