Skip to main content

D-Link

1370 CVEs vendor

Monthly

CVE-2023-4711 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP D-Link Command Injection Dar 8000 10 Firmware
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
5.8%
CVE-2023-4542 CRITICAL POC THREAT Act Now

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP D-Link Command Injection Dar 8000 10 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
86.5%
CVE-2023-39750 CRITICAL POC THREAT Act Now

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dap 2660 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
12.8%
CVE-2023-39749 CRITICAL POC Act Now

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dap 2660 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-39674 CRITICAL Act Now

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 880L A1 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-39671 CRITICAL Act Now

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 880L A1 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-39669 HIGH This Week

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference D-Link Dir 880L A1 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-39668 CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-39667 CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-39666 CRITICAL Act Now

D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 842 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-39665 CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-36092 CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 859 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-36091 CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 895L Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-36090 CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 885L Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-36089 CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 645 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-37758 HIGH This Week

D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 815 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-37791 CRITICAL POC THREAT Act Now

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
11.5%
CVE-2023-26616 CRITICAL POC Act Now

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-26613 CRITICAL POC THREAT Act Now

An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
31.4%
CVE-2023-26612 CRITICAL POC Act Now

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-32224 CRITICAL Act Now

D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure D-Link Dsl 224 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-32223 HIGH This Week

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure D-Link Dsl 224 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-32222 CRITICAL Act Now

D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dsl G256Dg Firmware
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-26615 HIGH POC This Week

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 823G Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-34800 CRITICAL POC THREAT Act Now

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
29.3%
CVE-2023-33626 CRITICAL POC Act Now

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 600 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-33625 CRITICAL POC THREAT Emergency

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 600 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
33.2%
CVE-2023-34856 MEDIUM POC This Month

A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link XSS Di 7500G Ci Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-33782 HIGH POC THREAT Act Now

D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.9%.

Command Injection D-Link Dir 842V2 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
42.9%
Threat
4.5
CVE-2023-33781 HIGH POC THREAT Act Now

An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.0%.

Information Disclosure D-Link Dir 842V2 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
36.0%
Threat
4.3
CVE-2023-33735 CRITICAL POC THREAT Act Now

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
32.6%
CVE-2023-31814 CRITICAL Act Now

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure D-Link PHP Dir 300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-29961 CRITICAL POC Act Now

D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-29856 CRITICAL Act Now

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-30063 HIGH POC This Week

D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 890L Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-30061 HIGH POC This Week

D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 879 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-29665 CRITICAL POC Act Now

D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-27216 HIGH This Week

An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE D-Link Dsl 3782 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
4.5%
CVE-2023-27720 CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-27719 CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-27718 CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-24800 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-24799 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-24798 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-24797 CRITICAL POC Act Now

D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-26822 CRITICAL POC Act Now

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.4%
CVE-2023-26925 HIGH POC This Week

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 882 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-25281 HIGH POC This Week

A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Denial Of Service Dir 820L Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-25280 CRITICAL POC KEV THREAT Act Now

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 820L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
98.1%
CVE-2023-25282 MEDIUM POC This Month

A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Denial Of Service Dir 820L Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-25279 CRITICAL POC THREAT Act Now

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 820L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
32.0%
CVE-2023-24762 CRITICAL Act Now

OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 867 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2023-25283 HIGH POC This Week

A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Denial Of Service Dir 820L Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-24352 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24351 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24350 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24349 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24348 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24347 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24346 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24345 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24344 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24343 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-46570 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46569 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-46568 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46566 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46563 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46562 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46561 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46560 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46642 CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.9
EPSS
3.1%
CVE-2022-46641 CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
CVSS 3.1
9.9
EPSS
3.1%
CVE-2022-38873 HIGH POC This Week

D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dap 2310 Firmware Dap 2330 Firmware Dap 2360 Firmware +6
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-46076 HIGH POC This Week

D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 869Ax Firmware Dir 869 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-44832 CRITICAL POC Act Now

D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 3040 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.9%
CVE-2022-44930 CRITICAL POC Act Now

D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dhp W310Av Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-44929 CRITICAL POC Act Now

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Privilege Escalation Dvg G5402Sp Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44928 CRITICAL POC Act Now

D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dvg G5402Sp Firmware
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2022-40799 HIGH POC KEV THREAT This Week

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dnr 322L Firmware
NVD
CVSS 3.1
8.8
EPSS
31.3%
CVE-2022-44808 CRITICAL POC Act Now

A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.8%
CVE-2022-44807 CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-44806 CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-44804 CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-44801 CRITICAL POC Act Now

D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 878 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44202 CRITICAL POC Act Now

D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 878 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-44201 CRITICAL POC Act Now

D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-44204 CRITICAL POC Act Now

D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 3060 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-36786 CRITICAL Act Now

DLINK - DSL-224 Post-auth RCE. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dsl 224 Firmware
NVD
CVSS 3.1
9.9
EPSS
0.9%
CVE-2022-36785 HIGH This Week

D-Link - G integrated Access Device4 Information Disclosure & Authorization Bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure Authentication Bypass G Integrated Access Device4 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.9%
EPSS 6% CVSS 8.1
HIGH POC This Week

A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP D-Link Command Injection +1
NVD GitHub VulDB
EPSS 87% CVSS 9.8
CRITICAL POC THREAT Act Now

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP D-Link Command Injection +1
NVD GitHub VulDB
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dap 2660 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dap 2660 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 880L A1 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 880L A1 Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 842 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 859 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 895L Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 885L Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via function phpcgi_main in cgibin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 645 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 815 Firmware
NVD
EPSS 12% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 823G Firmware
NVD GitHub
EPSS 31% CVSS 9.8
CRITICAL POC THREAT Act Now

An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 823G Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure D-Link Dsl 224 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure D-Link Dsl 224 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dsl G256Dg Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 823G Firmware
NVD GitHub
EPSS 29% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 33% CVSS 9.8
CRITICAL POC THREAT Emergency

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 600 Firmware
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /auth_pic.cgi. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link XSS +1
NVD GitHub
EPSS 43% 4.5 CVSS 8.8
HIGH POC THREAT Act Now

D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.9%.

Command Injection D-Link Dir 842V2 Firmware
NVD GitHub VulDB
EPSS 36% 4.3 CVSS 8.8
HIGH POC THREAT Act Now

An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.0%.

Information Disclosure D-Link Dir 842V2 Firmware
NVD GitHub VulDB
EPSS 33% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 846 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure D-Link PHP +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Dir 868l Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 890L Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 879 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 4% CVSS 8.8
HIGH This Week

An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE D-Link +1
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 882 Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +2
NVD GitHub
EPSS 98% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 820L Firmware
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +2
NVD GitHub
EPSS 32% CVSS 9.8
CRITICAL POC THREAT Act Now

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 820L Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL Act Now

OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 867 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD
EPSS 3% CVSS 9.9
CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
EPSS 3% CVSS 9.9
CRITICAL POC Act Now

D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 846 Firmware
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dap 2310 Firmware +8
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 869Ax Firmware +1
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 3040 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dhp W310Av Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Privilege Escalation Dvg G5402Sp Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dvg G5402Sp Firmware
NVD
EPSS 31% CVSS 8.8
HIGH POC KEV THREAT This Week

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dnr 322L Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 878 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption D-Link Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dir 3060 Firmware
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL Act Now

DLINK - DSL-224 Post-auth RCE. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dsl 224 Firmware
NVD
EPSS 2% CVSS 7.5
HIGH This Week

D-Link - G integrated Access Device4 Information Disclosure & Authorization Bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure Authentication Bypass +1
NVD
Prev Page 10 of 16 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy