Skip to main content

D-Link

1370 CVEs vendor

Monthly

CVE-2013-6987 HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 30.2%.

Path Traversal Synology D-Link Diskstation Manager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
30.2%
CVE-2013-7005 MEDIUM POC This Month

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dsr 150 Firmware Dsr 150 Dsr 250 Firmware +12
NVD Exploit-DB
CVSS 2.0
4.9
EPSS
0.0%
CVE-2013-7004 HIGH POC This Week

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dsr 500 Firmware Dsr 500 Dsr 150N Firmware +12
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-5946 CRITICAL POC Act Now

The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dsr 500 Firmware Dsr 500 Dsr 150N Firmware +12
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
6.3%
CVE-2013-5998 HIGH This Week

Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service D-Link Des 3800 Firmware Des 3800
NVD
CVSS 2.0
7.8
EPSS
1.8%
CVE-2013-5997 MEDIUM This Month

Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service D-Link Des 3800 Firmware Des 3800
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-5730 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dsl 2740B Firmware Dsl 2740B
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
7.1%
CVE-2013-3095 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dir865L Firmware Dir865L
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.9%
CVE-2013-5223 MEDIUM POC KEV THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

D-Link XSS
NVD Exploit-DB VulDB
CVSS 3.1
5.4
EPSS
35.5%
Threat
5.1
CVE-2013-2271 HIGH POC THREAT Act Now

The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 35.3%.

Privilege Escalation D-Link Dsl 2740B Firmware Dsl 2740B
NVD Exploit-DB
CVSS 2.0
7.6
EPSS
35.3%
Threat
4.1
CVE-2013-6027 HIGH POC This Week

Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 100
NVD Exploit-DB
CVSS 2.0
8.5
EPSS
2.9%
CVE-2013-6026 CRITICAL POC THREAT Emergency

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Privilege Escalation D-Link Di 524Up Di 604 Di 604S +10
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2013-4707 MEDIUM This Month

The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link Des 3810 Firmware Des 3810
NVD
CVSS 2.0
6.3
EPSS
0.1%
CVE-2013-4706 MEDIUM This Month

The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link Dwl 2100Ap Dwl 2100Ap Firmware
NVD
CVSS 2.0
6.3
EPSS
0.1%
CVE-2012-4046 LOW Monitor

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure D-Link Dcs 932l Firmware Dcs 932L
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-5966 MEDIUM This Month

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation D-Link Dsl 2730U
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2012-5319 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dcs 2000 Dcs 5300 Dcs 900
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
1.2%
CVE-2012-1308 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dsl 2640B Firmware Dsl 2640B
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
7.1%
CVE-2012-5306 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the SelectDirectory method in DcsCliCtrl.dll in Camera Stream Client ActiveX Control, as used in D-Link DCS-5605 PTZ IP Network Camera, allows remote attackers to cause. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 27.6%.

Buffer Overflow Denial Of Service D-Link RCE Camera Stream Client Activex Control +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
27.6%
Threat
4.2
CVE-2012-2313 LOW POC PATCH Monitor

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet. Rated low severity (CVSS 1.2). Public exploit code available.

Privilege Escalation Linux D-Link Linux Kernel Suse Linux Enterprise Server +6
NVD GitHub
CVSS 2.0
1.2
EPSS
0.2%
EPSS 30% CVSS 7.5
HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 30.2%.

Path Traversal Synology D-Link +1
NVD Exploit-DB
EPSS 0% CVSS 4.9
MEDIUM POC This Month

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dsr 150 Firmware +14
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dsr 500 Firmware +14
NVD Exploit-DB
EPSS 6% CVSS 10.0
CRITICAL POC Act Now

The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link Dsr 500 Firmware +14
NVD Exploit-DB
EPSS 2% CVSS 7.8
HIGH This Week

Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service D-Link Des 3800 Firmware +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service D-Link Des 3800 Firmware +1
NVD
EPSS 7% CVSS 6.8
MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dsl 2740B Firmware +1
NVD Exploit-DB
EPSS 1% CVSS 6.8
MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dir865L Firmware +1
NVD Exploit-DB
EPSS 35% 5.1 CVSS 5.4
MEDIUM POC KEV THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

D-Link XSS
NVD Exploit-DB VulDB
EPSS 35% 4.1 CVSS 7.6
HIGH POC THREAT Act Now

The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 35.3%.

Privilege Escalation D-Link Dsl 2740B Firmware +1
NVD Exploit-DB
EPSS 3% CVSS 8.5
HIGH POC This Week

Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 100
NVD Exploit-DB
EPSS 11% CVSS 10.0
CRITICAL POC THREAT Emergency

The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Privilege Escalation D-Link Di 524Up +12
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link +2
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure D-Link Dcs 932l Firmware +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation D-Link Dsl 2730U
NVD
EPSS 1% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dcs 2000 +2
NVD Exploit-DB
EPSS 7% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dsl 2640B Firmware +1
NVD Exploit-DB
EPSS 28% 4.2 CVSS 9.3
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the SelectDirectory method in DcsCliCtrl.dll in Camera Stream Client ActiveX Control, as used in D-Link DCS-5605 PTZ IP Network Camera, allows remote attackers to cause. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 27.6%.

Buffer Overflow Denial Of Service D-Link +3
NVD Exploit-DB
EPSS 0% CVSS 1.2
LOW POC PATCH Monitor

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet. Rated low severity (CVSS 1.2). Public exploit code available.

Privilege Escalation Linux D-Link +8
NVD GitHub
Prev Page 16 of 16

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy