384
CVEs
47
Critical
205
High
0
KEV
283
PoC
246
Unpatched C/H
2.6%
Patch Rate
0.5%
Avg EPSS
Severity Breakdown
CRITICAL
47
HIGH
205
MEDIUM
122
LOW
9
Monthly CVE Trend
Affected Products (30)
Command Injection
137
Stack Overflow
60
Dir 823x Firmware
37
Dir 513 Firmware
34
Dir 619l Firmware
28
Dir 816 Firmware
26
Dwr M960 Firmware
22
Dir 605l Firmware
17
PHP
15
Dnr 202l
11
Dnr 322l
11
Dns 327l
11
Dns 315l
11
Dnr 326
11
Dns 1200 05
11
Di 7003G Firmware
11
Dns 345
11
Dns 1550 04
11
Dns 326
11
Dns 320lw
11
Dns 340l
11
Dns 325
11
Dns 321
11
Dns 1100 4
11
Dns 120
11
Dns 343
11
Dns 320
11
Dns 320l
11
Dns 323
11
Dns 726 4
11
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-29040 | An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-29041 | An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-29042 | An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-29043 | An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-69542 | D-Link DIR-895L router has command injection in the DHCP daemon via the hostname parameter during lease renewal. Any device requesting a DHCP lease with a malicious hostname achieves root code execution on the router. PoC available. | CRITICAL | 9.8 | 1.5% | 71 |
PoC
No patch
|
| CVE-2025-45931 | An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file | CRITICAL | 9.8 | 1.5% | 70 |
PoC
No patch
|
| CVE-2025-5623 | Critical stack-based buffer overflow vulnerability in D-Link DIR-816 1.10CNB05 affecting the qosClassifier function's dip_address/sip_address parameters. This unauthenticated, remotely exploitable flaw allows attackers to achieve complete system compromise (confidentiality, integrity, and availability impact). The vulnerability affects end-of-life products no longer receiving vendor support, with public exploit disclosure and confirmed proof-of-concept availability increasing real-world exploitation risk. | CRITICAL | 9.8 | 1.0% | 70 |
PoC
No patch
|
| CVE-2025-5624 | Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the QoSPortSetup function. An unauthenticated remote attacker can exploit this vulnerability by manipulating port0_group, port0_remarker, ssid0_group, or ssid0_remarker parameters to achieve arbitrary code execution, complete system compromise (confidentiality, integrity, availability), and full device takeover. Public exploit code has been disclosed, increasing real-world exploitation risk significantly. | CRITICAL | 9.8 | 0.7% | 70 |
PoC
No patch
|
| CVE-2025-5630 | Critical stack-based buffer overflow vulnerability in D-Link DIR-816 firmware version 1.10CNB05 affecting the /goform/form2lansetup.cgi endpoint. An unauthenticated remote attacker can exploit this vulnerability by manipulating the 'ip' parameter to achieve complete system compromise including data exfiltration, integrity violation, and denial of service. The vulnerability has public exploit code available and affects end-of-life products no longer receiving vendor support. | CRITICAL | 9.8 | 0.7% | 70 |
PoC
No patch
|
| CVE-2025-7206 | A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | CRITICAL | 9.8 | 0.5% | 70 |
PoC
No patch
|
| CVE-2025-45784 | D-Link DPH-400S/SE VoIP phones running firmware v1.01 contain hardcoded provisioning credentials (PROVIS_USER_PASSWORD) embedded directly in the firmware binary, allowing attackers with firmware access to extract sensitive authentication material via static analysis tools. This critical vulnerability (CVSS 9.8) enables unauthorized access to device management functions and potentially user accounts, with network-accessible exploitation possible if combined with firmware extraction techniques. | CRITICAL | 9.8 | 0.5% | 70 |
PoC
No patch
|
| CVE-2026-3485 | Command injection in D-Link DIR-868L via SSDP service. PoC available. | CRITICAL | 9.8 | 0.4% | 69 |
PoC
No patch
|
| CVE-2025-6121 | Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler's get_pure_content function. An unauthenticated remote attacker can exploit this via a malicious Content-Length header to achieve complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code exists for this end-of-life product, creating immediate risk for any remaining deployed instances. | CRITICAL | 9.8 | 0.3% | 69 |
PoC
No patch
|
| CVE-2025-5622 | Critical stack-based buffer overflow vulnerability in D-Link DIR-816 wireless router (version 1.10CNB05) affecting the 5GHz wireless configuration interface. An unauthenticated remote attacker can exploit improper input validation in the wirelessApcli_5g function to achieve complete system compromise including arbitrary code execution, data theft, and service disruption. Public exploit code exists and the affected product line is end-of-life, creating significant risk for unpatched deployments. | CRITICAL | 9.8 | 0.3% | 69 |
PoC
No patch
|
| CVE-2025-70231 | Path traversal in D-Link DIR-513 verification code processing. PoC available. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|