336
CVEs
43
Critical
166
High
0
KEV
246
PoC
204
Unpatched C/H
2.1%
Patch Rate
1.0%
Avg EPSS
Severity Breakdown
CRITICAL
43
HIGH
166
MEDIUM
48
LOW
79
Monthly CVE Trend
Affected Products (30)
PHP
94
Dir 619l Firmware
63
Dir 816 Firmware
62
Dir 823G Firmware
58
Dir 605l Firmware
56
Dir 878 Firmware
38
Dir 513 Firmware
34
Dns 320 Firmware
27
Dir 882 Firmware
26
Dns 320Lw Firmware
25
Dns 325 Firmware
25
Dns 327L Firmware
24
Dnr 326 Firmware
24
Dns 340L Firmware
24
Dar 7000 Firmware
23
Dns 320L Firmware
23
Dns 345 Firmware
22
Dnr 322L Firmware
22
Dir 850L Firmware
22
Dwr M960 Firmware
22
Dsl 3782 Firmware
22
Dns 726 4 Firmware
21
Dns 1100 4 Firmware
21
Dnr 202L Firmware
21
Dns 1200 05 Firmware
21
Dns 326 Firmware
21
Dns 315L Firmware
21
Dns 120 Firmware
21
Dns 321 Firmware
21
Dns 1550 04 Firmware
21
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2013-10069 | The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 71.7%. | CRITICAL | 10.0 | 71.7% | 142 |
PoC
No patch
|
| CVE-2013-10048 | An OS command injection vulnerability exists in various legacy D-Link routers-including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)-due to improper input handling in the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 59.8%. | CRITICAL | 9.3 | 59.8% | 141 |
PoC
No patch
|
| CVE-2013-10050 | An OS command injection vulnerability exists in multiple D-Link routers-confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)-via the authenticated tools_vct.xgi CGI endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 61.9%. | HIGH | 8.7 | 61.9% | 140 |
PoC
No patch
|
| CVE-2013-10059 | An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 50.8%. | HIGH | 8.6 | 50.8% | 129 |
PoC
No patch
|
| CVE-2018-25115 | Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 10.0 | 1.6% | 72 |
PoC
No patch
|
| CVE-2025-69542 | D-Link DIR-895L router has command injection in the DHCP daemon via the hostname parameter during lease renewal. Any device requesting a DHCP lease with a malicious hostname achieves root code execution on the router. PoC available. | CRITICAL | 9.8 | 1.5% | 71 |
PoC
No patch
|
| CVE-2026-3485 | Command injection in D-Link DIR-868L via SSDP service. PoC available. | CRITICAL | 9.8 | 0.4% | 69 |
PoC
No patch
|
| CVE-2025-70231 | Path traversal in D-Link DIR-513 verification code processing. PoC available. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-46108 | D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. [CVSS 9.8 CRITICAL] | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70218 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvFirewall. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70220 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70223 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70226 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70219 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formDeviceReboot. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|
| CVE-2025-70221 | Stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin. Part of a family of 15+ critical buffer overflows in this router. | CRITICAL | 9.8 | 0.1% | 69 |
PoC
No patch
|