Skip to main content

D-Link

1370 CVEs vendor

Monthly

CVE-2024-8131 MEDIUM POC This Month

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware Dns 1200 05 Firmware Dns 1100 4 Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
8.2%
CVE-2024-8130 MEDIUM POC This Month

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware Dns 1200 05 Firmware Dns 1100 4 Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
7.9%
CVE-2024-8129 MEDIUM POC THREAT This Month

A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware Dns 1200 05 Firmware Dns 1100 4 Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
22.9%
CVE-2024-8128 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware Dns 1200 05 Firmware Dns 1100 4 Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
8.0%
CVE-2024-8127 MEDIUM POC This Month

A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware Dns 1200 05 Firmware Dns 1100 4 Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
6.7%
CVE-2024-44382 CRITICAL POC Act Now

D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgrade_filter_asp function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8004W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-44381 CRITICAL POC Act Now

D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in jhttpd msp_info_htm function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8004W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-42812 CRITICAL POC THREAT Act Now

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 860L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
15.5%
CVE-2024-7922 MEDIUM POC THREAT This Month

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
19.5%
CVE-2024-7849 HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow D-Link
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2024-7833 MEDIUM This Month

A vulnerability was found in D-Link DI-8100 16.07. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Di 8100 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
4.7%
CVE-2024-7832 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
2.1%
CVE-2024-7831 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7830 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7829 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.8%
CVE-2024-7828 HIGH POC THREAT This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware Dnr 202L Firmware Dns 315L Firmware +17
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
16.2%
CVE-2024-7715 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
25.1%
CVE-2024-41616 CRITICAL POC Act Now

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dir 300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-7436 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.htm. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8100 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
7.8%
CVE-2024-7357 MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 600 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
5.7%
CVE-2024-41611 CRITICAL Act Now

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 860L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-41610 CRITICAL Act Now

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 820Lw Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-38438 CRITICAL Act Now

D-Link - CWE-294: Authentication Bypass by Capture-replay. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dsl 225 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-38437 CRITICAL Act Now

D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dsl 225 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-39962 CRITICAL POC Act Now

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE D-Link Dir 823x Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2024-40505 CRITICAL Act Now

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Path Traversal Dap 1650 Firmware
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2024-39202 HIGH POC This Week

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823X Ax3000 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-6525 MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization D-Link PHP Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
3.1%
CVE-2024-36755 MEDIUM This Month

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

D-Link Information Disclosure Dir 1950 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-6045 HIGH This Week

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link
NVD
CVSS 3.1
8.8
EPSS
6.3%
CVE-2024-6044 MEDIUM This Month

Certain models of D-Link wireless routers have a path traversal vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Path Traversal
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-37630 HIGH POC This Week

D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc/passwd, which allows attackers to log in as root. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-5299 HIGH This Week

D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link RCE D View 8
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2024-5298 HIGH This Week

D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link RCE D View 8
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2024-5297 HIGH This Week

D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection RCE D View 8
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2024-5296 CRITICAL Act Now

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link D View 8
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2024-5295 HIGH This Week

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection RCE G416 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2024-5294 MEDIUM This Month

D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure Dir 3040 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-5293 HIGH This Week

D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link RCE Dir 2640 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.6%
CVE-2024-5292 HIGH This Week

D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation D-Link RCE Network Assistant
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-5291 HIGH This Week

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection RCE Dir 2150 Firmware
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2024-4965 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP Command Injection Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.9%
CVE-2024-4964 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.5%
CVE-2024-4963 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
3.0%
CVE-2024-4962 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.5%
CVE-2024-4961 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.3%
CVE-2024-4960 MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload Dar 7000 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.3%
CVE-2024-34950 HIGH POC This Week

D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure D-Link Dir 822 Firmware
NVD
CVSS 3.1
7.5
EPSS
5.2%
CVE-2024-4699 MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization D-Link PHP Dar 8000 10 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
6.1%
CVE-2024-33774 MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Denial Of Service Dir 619l Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2024-33773 MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Denial Of Service Dir 619l Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2024-33772 MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime.". Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow D-Link Denial Of Service Dir 619l Firmware
NVD GitHub
CVSS 3.1
5.7
EPSS
0.7%
CVE-2024-33771 MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter "webpage.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Denial Of Service Dir 619l Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2024-33113 MEDIUM POC This Month

D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection Dir 845L Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
3.4%
CVE-2024-33112 HIGH POC This Week

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 845L Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
6.5%
CVE-2024-33111 MEDIUM POC This Month

D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS Dir 845L Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2024-33110 CRITICAL POC Act Now

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link PHP Dir 845L Firmware
NVD GitHub
CVSS 3.1
9.1
EPSS
0.7%
CVE-2024-33345 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service Dir 823G Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-33344 CRITICAL POC THREAT Act Now

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
19.9%
CVE-2024-33343 HIGH POC This Week

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
8.3%
CVE-2024-33342 HIGH POC This Week

D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2024-28436 MEDIUM This Month

Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 allows a remote attacker to execute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link PHP XSS RCE
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-27683 CRITICAL Act Now

D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-3274 MEDIUM POC THREAT This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
33.5%
CVE-2024-3273 CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 320L Firmware Dns 120 Firmware Dnr 202L Firmware +17
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
100.0%
CVE-2024-3272 CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.cgi of the component HTTP GET. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dns 320L Firmware Dns 120 Firmware Dnr 202L Firmware +17
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
98.0%
CVE-2024-27619 HIGH This Week

Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow D-Link
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
1.0%
CVE-2024-29385 CRITICAL POC Act Now

DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE Dir 845L Firmware
NVD GitHub
CVSS 3.1
9.0
EPSS
1.6%
CVE-2024-29366 HIGH POC This Week

A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 845L Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-25331 CRITICAL Act Now

DIR-822 Rev. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link RCE
NVD
CVSS 3.1
9.3
EPSS
0.3%
CVE-2024-27684 MEDIUM This Month

A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link XSS Go Rt Ac750 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-27662 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-27661 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-27660 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service Dir 823G Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-27659 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-27658 MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-27657 HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow RCE Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-27656 HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow RCE Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-27655 HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow RCE Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-1786 HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 600M Firmware
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2024-24321 CRITICAL POC Act Now

An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE D-Link Dir 816 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2024-22853 CRITICAL POC Act Now

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
4.8%
CVE-2024-22852 CRITICAL POC Act Now

D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Memory Corruption Go Rt Ac750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-0921 CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
37.6%
CVE-2024-23625 CRITICAL Act Now

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
22.8%
CVE-2024-23624 CRITICAL Act Now

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
CVSS 3.1
9.8
EPSS
26.0%
CVE-2024-22751 CRITICAL POC Act Now

D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Memory Corruption Dir 882 A1 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-22651 CRITICAL POC THREAT Act Now

There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 815 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
20.2%
CVE-2024-0769 CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Path Traversal Dir 859 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
82.7%
CVE-2024-0717 MEDIUM POC THREAT This Month

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 825Acg1 Firmware Dir 841 Firmware Dir 1260 Firmware +41
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
18.2%
EPSS 8% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware +19
NVD GitHub VulDB
EPSS 8% CVSS 5.3
MEDIUM POC This Month

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware +19
NVD GitHub VulDB
EPSS 23% CVSS 5.3
MEDIUM POC THREAT This Month

A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware +19
NVD GitHub VulDB
EPSS 8% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware +19
NVD GitHub VulDB
EPSS 7% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 1550 04 Firmware +19
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgrade_filter_asp function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8004W Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in jhttpd msp_info_htm function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8004W Firmware
NVD GitHub
EPSS 16% CVSS 9.8
CRITICAL POC THREAT Act Now

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 860L Firmware
NVD GitHub
EPSS 19% CVSS 5.3
MEDIUM POC THREAT This Month

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow D-Link
NVD GitHub VulDB
EPSS 5% CVSS 5.3
MEDIUM This Month

A vulnerability was found in D-Link DI-8100 16.07. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection Di 8100 Firmware
NVD GitHub VulDB
EPSS 2% CVSS 8.7
HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 2% CVSS 8.7
HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 2% CVSS 8.7
HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 2% CVSS 8.7
HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 16% CVSS 8.7
HIGH POC THREAT This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326,. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dns 120 Firmware +19
NVD GitHub VulDB
EPSS 25% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dir 300 Firmware
NVD GitHub
EPSS 8% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.htm. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Di 8100 Firmware
NVD GitHub VulDB
EPSS 6% CVSS 5.3
MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 600 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 860L Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 820Lw Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link - CWE-294: Authentication Bypass by Capture-replay. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dsl 225 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dsl 225 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE D-Link +1
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL Act Now

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Path Traversal Dap 1650 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823X Ax3000 Firmware
NVD GitHub
EPSS 3% CVSS 5.1
MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization D-Link PHP +1
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM This Month

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

D-Link Information Disclosure Dir 1950 Firmware
NVD
EPSS 6% CVSS 8.8
HIGH This Week

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Certain models of D-Link wireless routers have a path traversal vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Path Traversal
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc/passwd, which allows attackers to log in as root. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dir 605l Firmware
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link RCE D View 8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link RCE D View 8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link Command Injection RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link D View 8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection RCE +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure Dir 3040 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation D-Link RCE +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection RCE +1
NVD
EPSS 3% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP Command Injection +1
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload +1
NVD GitHub VulDB
EPSS 3% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload +1
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload +1
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload +1
NVD GitHub VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

D-Link PHP File Upload +1
NVD GitHub VulDB
EPSS 5% CVSS 7.5
HIGH POC This Week

D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure D-Link +1
NVD
EPSS 6% CVSS 5.3
MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization D-Link PHP +1
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 5.7
MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime.". Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow D-Link +2
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter "webpage.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Denial Of Service +1
NVD GitHub
EPSS 3% CVSS 5.3
MEDIUM POC This Month

D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection +1
NVD GitHub
EPSS 6% CVSS 7.5
HIGH POC This Week

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 845L Firmware
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP XSS +1
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL POC Act Now

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link PHP +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service +1
NVD GitHub
EPSS 20% CVSS 9.8
CRITICAL POC THREAT Act Now

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
EPSS 8% CVSS 8.8
HIGH POC This Week

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 822 Firmware
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 allows a remote attacker to execute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link PHP XSS +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link +1
NVD GitHub
EPSS 33% CVSS 5.3
MEDIUM POC THREAT This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Information Disclosure
NVD GitHub VulDB
EPSS 100% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dns 320L Firmware +19
NVD GitHub VulDB
EPSS 98% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.cgi of the component HTTP GET. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Dns 320L Firmware +19
NVD GitHub VulDB
EPSS 1% CVSS 7.3
HIGH This Week

Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow D-Link
NVD GitHub VulDB
EPSS 2% CVSS 9.0
CRITICAL POC Act Now

DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

D-Link Command Injection RCE +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 845L Firmware
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL Act Now

DIR-822 Rev. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow D-Link +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link XSS Go Rt Ac750 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference D-Link Denial Of Service +1
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Denial Of Service Dir 823G Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow +3
NVD
EPSS 3% CVSS 7.5
HIGH POC This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Dir 600M Firmware
NVD VulDB GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE D-Link +1
NVD GitHub VulDB
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass D-Link Go Rt Ac750 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Memory Corruption +1
NVD GitHub
EPSS 38% CVSS 9.8
CRITICAL POC THREAT Act Now

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 816 A2 Firmware
NVD GitHub VulDB
EPSS 23% CVSS 9.8
CRITICAL Act Now

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
EPSS 26% CVSS 9.8
CRITICAL Act Now

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dap 1650 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Memory Corruption +1
NVD GitHub
EPSS 20% CVSS 9.8
CRITICAL POC THREAT Act Now

There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 815 Firmware
NVD GitHub
EPSS 83% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Path Traversal Dir 859 Firmware
NVD GitHub VulDB
EPSS 18% CVSS 5.3
MEDIUM POC THREAT This Month

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 825Acg1 Firmware +43
NVD GitHub VulDB
Prev Page 8 of 16 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy