Skip to main content

D-Link

1370 CVEs vendor

Monthly

CVE-2025-6372 HIGH POC This Week

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-6371 HIGH POC This Week

CVE-2025-6371 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetEnableWizard function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation has been publicly disclosed with proof-of-concept available, and this vulnerability only affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-6370 HIGH POC This Week

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6369 HIGH POC This Week

CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/formdumpeasysetup endpoint. An authenticated remote attacker can exploit improper input validation of the curTime or config.save_network_enabled parameters to achieve remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the affected product is end-of-life with no vendor support available.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6368 HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetEmail function via the curTime and config.smtp_email_subject parameters. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code has been disclosed, and the affected product is end-of-life with no vendor support available.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6367 HIGH POC This Week

CVE-2025-6367 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the /goform/formSetDomainFilter endpoint. An authenticated remote attacker can exploit improper input validation on the curTime, sched_name_%d, and url_%d parameters to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and affects end-of-life hardware no longer receiving vendor support.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6334 HIGH This Week

CVE-2025-6334 is a critical stack-based buffer overflow vulnerability in D-Link DIR-867 1.0 routers, affecting the Query String Handler's strncpy function implementation. Remote attackers with low privileges can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability has documented public exploits available, affects end-of-life hardware no longer receiving vendor support, and carries a high CVSS 3.1 score of 8.8.

Buffer Overflow D-Link RCE Dir 867 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6328 HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-815 firmware version 1.01 within the hedwig.cgi module (function sub_403794), allowing remote attackers with low privilege access to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code is available and the vulnerability may be actively exploited in the wild, making this a high-priority remediation target.

Buffer Overflow D-Link RCE Dir 815 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6292 HIGH POC This Week

CVE-2025-6292 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 routers (version 2.03 and potentially others) that allows authenticated attackers to execute arbitrary code remotely via malformed HTTP POST requests to the vulnerable HTTP POST Request Handler function. The vulnerability affects end-of-life products no longer receiving security updates from D-Link, and public exploit code has been disclosed, increasing real-world exploitation risk despite requiring valid credentials.

Buffer Overflow D-Link RCE Denial Of Service Dir 825 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6291 HIGH POC This Week

CVE-2025-6291 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 firmware version 2.03, exploitable via HTTP POST requests to the do_file function. An authenticated attacker can achieve complete system compromise (confidentiality, integrity, and availability violations) remotely without user interaction. Public exploit code exists and the affected product is end-of-life with no vendor support, elevating real-world risk despite authentication requirement.

Buffer Overflow D-Link RCE Dir 825 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-45784 CRITICAL POC Act Now

D-Link DPH-400S/SE VoIP phones running firmware v1.01 contain hardcoded provisioning credentials (PROVIS_USER_PASSWORD) embedded directly in the firmware binary, allowing attackers with firmware access to extract sensitive authentication material via static analysis tools. This critical vulnerability (CVSS 9.8) enables unauthorized access to device management functions and potentially user accounts, with network-accessible exploitation possible if combined with firmware extraction techniques.

D-Link Information Disclosure Dph 400se Firmware Dph 400s Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-6158 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in the HTTP POST request handler (function sub_AC78) of D-Link DIR-665 firmware version 1.00, exploitable remotely by authenticated attackers. The vulnerability allows remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public exploit code is available and the affected product line is no longer maintained by D-Link, significantly elevating real-world risk despite requiring low-privilege authentication.

Buffer Overflow D-Link RCE Dir 655 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6121 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler's get_pure_content function. An unauthenticated remote attacker can exploit this via a malicious Content-Length header to achieve complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code exists for this end-of-life product, creating immediate risk for any remaining deployed instances.

Buffer Overflow D-Link RCE Dir 632 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-6115 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter function through improper handling of mac_hostname_%d and sched_name_%d parameters. An authenticated remote attacker can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability impacts (CVSS 8.8). Public exploit code is available and the product is end-of-life, significantly elevating real-world risk.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6114 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwarding configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the ingress_name_%d, sched_name_%d, or name_%d parameters to achieve remote code execution with high integrity and confidentiality impact. The vulnerability has public exploit code available and affects only end-of-life products no longer receiving vendor support, significantly elevating real-world risk for exposed legacy deployments.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-5969 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler in the /biurl_grou component. An authenticated attacker can remotely exploit this vulnerability to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the affected product is no longer maintained by D-Link, significantly increasing real-world risk.

Buffer Overflow D-Link Dir 632 Firmware RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-5912 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST Request Handler's do_file function. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the affected product is end-of-life with no vendor support.

Buffer Overflow D-Link RCE Dir 632 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-5630 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the /goform/form2lansetup.cgi endpoint. An unauthenticated remote attacker can exploit this vulnerability by manipulating the 'ip' parameter to achieve complete system compromise including data exfiltration, integrity violation, and denial of service. The vulnerability has public exploit code available and affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-5624 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the QoSPortSetup function. An unauthenticated remote attacker can exploit this vulnerability by manipulating port0_group, port0_remarker, ssid0_group, or ssid0_remarker parameters to achieve arbitrary code execution, complete system compromise (confidentiality, integrity, availability), and full device takeover. Public exploit code has been disclosed, increasing real-world exploitation risk significantly.

Buffer Overflow D-Link Dir 816 Firmware RCE
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2025-5623 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 1.10CNB05 affecting the qosClassifier function's dip_address/sip_address parameters. This unauthenticated, remotely exploitable flaw allows attackers to achieve complete system compromise (confidentiality, integrity, and availability impact). The vulnerability affects end-of-life products no longer receiving vendor support, with public exploit disclosure and confirmed proof-of-concept availability increasing real-world exploitation risk.

Buffer Overflow D-Link RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-5622 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5GHz wireless configuration interface. An unauthenticated remote attacker can exploit improper input validation in the wirelessApcli_5g function to achieve complete system compromise including arbitrary code execution, data theft, and service disruption. Public exploit code exists and the affected product line is end-of-life, creating significant risk for unpatched deployments.

Buffer Overflow D-Link Stack Overflow RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-5621 HIGH POC This Week

A command injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.

Command Injection D-Link RCE Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
1.0%
CVE-2025-5620 HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE Ipsec Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
1.0%
CVE-2025-5573 MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.7%
CVE-2025-5572 HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DCS-932L camera firmware version 2.18.01 in the setSystemEmail function, allowing authenticated remote attackers to achieve complete system compromise (confidentiality, integrity, and availability). The vulnerability has been publicly disclosed with proof-of-concept code available, affecting end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Dcs 932l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-5571 MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2025-5492 MEDIUM This Month

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Command Injection Di 500wf Wt Firmware D-Link
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2025-5228 HIGH POC This Week

A vulnerability was found in D-Link DI-8100 up to 20250523. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.6%
CVE-2025-5215 HIGH POC This Week

A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 5020L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-46176 MEDIUM This Month

Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware Dir 816L Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-44083 CRITICAL This Week

An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Di 8100 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-44084 CRITICAL Act Now

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Di 8100G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2025-4904 MEDIUM POC This Week

A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-4903 MEDIUM POC This Week

A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.7%
CVE-2025-4902 MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-4901 MEDIUM POC This Month

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2025-4883 HIGH POC This Week

A vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100G Firmware
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
1.2%
CVE-2025-4860 MEDIUM POC Monitor

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2025-4859 MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2025-4858 MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dap 2695 Firmware
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.2%
CVE-2025-4843 HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4842 HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4841 HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-4756 MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.9%
CVE-2025-4755 MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-4753 MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-4752 MEDIUM POC This Week

A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-4751 MEDIUM POC This Week

A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-4750 MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125).data of the component Configuration Handler. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-4749 HIGH POC This Week

A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Di 7003G Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.8%
CVE-2025-4544 HIGH POC This Month

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical.asp of the component jhttpd. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
CVSS 4.0
7.5
EPSS
1.3%
CVE-2025-4454 MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2025-4453 MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2025-4452 HIGH This Week

A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4451 HIGH This Week

A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4450 HIGH This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4449 HIGH This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4448 HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4445 MEDIUM This Month

A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2025-4443 MEDIUM This Month

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.7%
CVE-2025-4442 HIGH This Week

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 605l Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4441 HIGH This Week

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 605l Firmware
NVD VulDB GitHub
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-44023 MEDIUM This Month

An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-4350 HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
5.3%
CVE-2025-4349 HIGH This Week

A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
5.3%
CVE-2025-4348 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4347 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4346 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4345 HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4344 HIGH This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2025-4343 HIGH This Week

A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4342 HIGH This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-4341 MEDIUM This Month

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 880L Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.3%
CVE-2025-4340 MEDIUM POC This Month

A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 806 Firmware Dir 890L Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.4%
CVE-2025-44835 MEDIUM POC This Month

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub
CVSS 3.1
6.3
EPSS
6.4%
CVE-2025-29743 MEDIUM POC This Month

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
9.0%
CVE-2025-3785 HIGH This Week

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dwr M961 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.8%
CVE-2025-29039 HIGH POC This Week

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection D-Link Dir 823x Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
3.0%
CVE-2025-29043 CRITICAL POC Act Now

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE Dir 823x Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2025-29042 CRITICAL POC Act Now

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE Dir 823x Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2025-29041 CRITICAL POC Act Now

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE Dir 823x Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2025-29040 CRITICAL POC Act Now

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE Dir 823x Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2025-3538 HIGH POC This Week

A vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
2.4%
CVE-2025-3369 MEDIUM POC This Month

A vulnerability was found in xxyopen Novel-Plus 5.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus D-Link
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-28398 HIGH POC This Week

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.6%
CVE-2025-28395 HIGH POC This Week

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.6%
CVE-2025-29635 HIGH POC KEV THREAT Act Now

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
1.6%
Threat
4.5
CVE-2025-2717 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 823x Firmware
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
1.2%
CVE-2025-2621 CRITICAL POC Act Now

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dap 1620 Firmware
NVD VulDB
CVSS 4.0
9.3
EPSS
0.7%
CVE-2025-2620 CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 35.6%.

D-Link Buffer Overflow Dap 1620 Firmware
NVD VulDB
CVSS 4.0
9.3
EPSS
35.6%
EPSS 0% CVSS 8.8
HIGH POC This Week

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow D-Link RCE +1
NVD VulDB GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6371 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetEnableWizard function. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation has been publicly disclosed with proof-of-concept available, and this vulnerability only affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/formdumpeasysetup endpoint. An authenticated remote attacker can exploit improper input validation of the curTime or config.save_network_enabled parameters to achieve remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the affected product is end-of-life with no vendor support available.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetEmail function via the curTime and config.smtp_email_subject parameters. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code has been disclosed, and the affected product is end-of-life with no vendor support available.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6367 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the /goform/formSetDomainFilter endpoint. An authenticated remote attacker can exploit improper input validation on the curTime, sched_name_%d, and url_%d parameters to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and affects end-of-life hardware no longer receiving vendor support.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

CVE-2025-6334 is a critical stack-based buffer overflow vulnerability in D-Link DIR-867 1.0 routers, affecting the Query String Handler's strncpy function implementation. Remote attackers with low privileges can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability has documented public exploits available, affects end-of-life hardware no longer receiving vendor support, and carries a high CVSS 3.1 score of 8.8.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-815 firmware version 1.01 within the hedwig.cgi module (function sub_403794), allowing remote attackers with low privilege access to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code is available and the vulnerability may be actively exploited in the wild, making this a high-priority remediation target.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6292 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 routers (version 2.03 and potentially others) that allows authenticated attackers to execute arbitrary code remotely via malformed HTTP POST requests to the vulnerable HTTP POST Request Handler function. The vulnerability affects end-of-life products no longer receiving security updates from D-Link, and public exploit code has been disclosed, increasing real-world exploitation risk despite requiring valid credentials.

Buffer Overflow D-Link RCE +2
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

CVE-2025-6291 is a critical stack-based buffer overflow vulnerability in D-Link DIR-825 firmware version 2.03, exploitable via HTTP POST requests to the do_file function. An authenticated attacker can achieve complete system compromise (confidentiality, integrity, and availability violations) remotely without user interaction. Public exploit code exists and the affected product is end-of-life with no vendor support, elevating real-world risk despite authentication requirement.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DPH-400S/SE VoIP phones running firmware v1.01 contain hardcoded provisioning credentials (PROVIS_USER_PASSWORD) embedded directly in the firmware binary, allowing attackers with firmware access to extract sensitive authentication material via static analysis tools. This critical vulnerability (CVSS 9.8) enables unauthorized access to device management functions and potentially user accounts, with network-accessible exploitation possible if combined with firmware extraction techniques.

D-Link Information Disclosure Dph 400se Firmware +1
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical stack-based buffer overflow vulnerability in the HTTP POST request handler (function sub_AC78) of D-Link DIR-665 firmware version 1.00, exploitable remotely by authenticated attackers. The vulnerability allows remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public exploit code is available and the affected product line is no longer maintained by D-Link, significantly elevating real-world risk despite requiring low-privilege authentication.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler's get_pure_content function. An unauthenticated remote attacker can exploit this via a malicious Content-Length header to achieve complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code exists for this end-of-life product, creating immediate risk for any remaining deployed instances.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter function through improper handling of mac_hostname_%d and sched_name_%d parameters. An authenticated remote attacker can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability impacts (CVSS 8.8). Public exploit code is available and the product is end-of-life, significantly elevating real-world risk.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwarding configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the ingress_name_%d, sched_name_%d, or name_%d parameters to achieve remote code execution with high integrity and confidentiality impact. The vulnerability has public exploit code available and affects only end-of-life products no longer receiving vendor support, significantly elevating real-world risk for exposed legacy deployments.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler in the /biurl_grou component. An authenticated attacker can remotely exploit this vulnerability to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the affected product is no longer maintained by D-Link, significantly increasing real-world risk.

Buffer Overflow D-Link Dir 632 Firmware +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST Request Handler's do_file function. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the affected product is end-of-life with no vendor support.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the /goform/form2lansetup.cgi endpoint. An unauthenticated remote attacker can exploit this vulnerability by manipulating the 'ip' parameter to achieve complete system compromise including data exfiltration, integrity violation, and denial of service. The vulnerability has public exploit code available and affects end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the QoSPortSetup function. An unauthenticated remote attacker can exploit this vulnerability by manipulating port0_group, port0_remarker, ssid0_group, or ssid0_remarker parameters to achieve arbitrary code execution, complete system compromise (confidentiality, integrity, availability), and full device takeover. Public exploit code has been disclosed, increasing real-world exploitation risk significantly.

Buffer Overflow D-Link Dir 816 Firmware +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 1.10CNB05 affecting the qosClassifier function's dip_address/sip_address parameters. This unauthenticated, remotely exploitable flaw allows attackers to achieve complete system compromise (confidentiality, integrity, and availability impact). The vulnerability affects end-of-life products no longer receiving vendor support, with public exploit disclosure and confirmed proof-of-concept availability increasing real-world exploitation risk.

Buffer Overflow D-Link RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5GHz wireless configuration interface. An unauthenticated remote attacker can exploit improper input validation in the wirelessApcli_5g function to achieve complete system compromise including arbitrary code execution, data theft, and service disruption. Public exploit code exists and the affected product line is end-of-life, creating significant risk for unpatched deployments.

Buffer Overflow D-Link Stack Overflow +2
NVD GitHub VulDB
EPSS 1% CVSS 7.3
HIGH POC This Week

A command injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.

Command Injection D-Link RCE +1
NVD GitHub VulDB
EPSS 1% CVSS 7.3
HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE +2
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A critical stack-based buffer overflow vulnerability exists in D-Link DCS-932L camera firmware version 2.18.01 in the setSystemEmail function, allowing authenticated remote attackers to achieve complete system compromise (confidentiality, integrity, and availability). The vulnerability has been publicly disclosed with proof-of-concept code available, affecting end-of-life products no longer receiving vendor support.

Buffer Overflow D-Link Dcs 932l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Command Injection Dcs 932l Firmware D-Link
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM This Month

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Command Injection Di 500wf Wt Firmware D-Link
NVD VulDB
EPSS 2% CVSS 8.7
HIGH POC This Week

A vulnerability was found in D-Link DI-8100 up to 20250523. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 5020L Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL This Week

An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Di 8100 Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Di 8100G Firmware
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 2% CVSS 6.9
MEDIUM POC This Week

A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.9
MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.6
HIGH POC This Week

A vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dcs 932l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 6.9
MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Di 7003G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Di 7003G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125).data of the component Configuration Handler. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Di 7003G Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Di 7003G Firmware
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH POC This Month

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical.asp of the component jhttpd. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-619L 2.04B04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 619l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 605l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 605l Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-605L 2.13B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 605l Firmware
NVD VulDB GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection
NVD
EPSS 5% CVSS 8.7
HIGH This Week

A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
EPSS 5% CVSS 8.7
HIGH This Week

A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dir 600L Firmware
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 880L Firmware
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 806 Firmware +1
NVD GitHub VulDB
EPSS 6% CVSS 6.3
MEDIUM POC This Month

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub
EPSS 9% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 Firmware
NVD GitHub
EPSS 1% CVSS 8.7
HIGH This Week

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Buffer Overflow Dwr M961 Firmware
NVD GitHub VulDB
EPSS 3% CVSS 7.2
HIGH POC This Week

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection D-Link +1
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE +1
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE +1
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE +1
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE +1
NVD GitHub
EPSS 2% CVSS 8.7
HIGH POC This Week

A vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in xxyopen Novel-Plus 5.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus D-Link
NVD GitHub VulDB
EPSS 1% CVSS 7.1
HIGH POC This Week

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub
EPSS 1% CVSS 7.1
HIGH POC This Week

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Di 8100 Firmware
NVD GitHub
EPSS 2% 4.5 CVSS 7.2
HIGH POC KEV THREAT Act Now

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 5.1
MEDIUM This Month

A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 823x Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Dap 1620 Firmware
NVD VulDB
EPSS 36% CVSS 9.3
CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 35.6%.

D-Link Buffer Overflow Dap 1620 Firmware
NVD VulDB
Prev Page 5 of 16 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy