Vulnerabilities > D Link

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-44929 Unspecified vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.
network
low complexity
d-link
critical
9.8
2022-12-02 CVE-2022-44928 OS Command Injection vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function.
network
low complexity
d-link CWE-78
critical
9.8
2021-10-31 CVE-2021-33259 Missing Authentication for Critical Function vulnerability in D-Link Dir-868Lw Firmware 1.12B
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history.
network
low complexity
d-link CWE-306
5.3
2021-09-24 CVE-2021-41503 Improper Authentication vulnerability in multiple products
DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control.
low complexity
dlink d-link CWE-287
8.0
2021-04-07 CVE-2021-26709 Out-of-bounds Write vulnerability in D-Link Dsl-320B-D1
D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass parameters.
network
low complexity
d-link CWE-787
critical
9.8
2020-08-18 CVE-2019-6258 Classic Buffer Overflow vulnerability in D-Link Dir-822 Firmware
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.
network
low complexity
d-link CWE-120
critical
9.8
2020-07-23 CVE-2020-15633 Unspecified vulnerability in D-Link products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA.
low complexity
d-link
8.8
2020-03-05 CVE-2020-9544 Missing Authentication for Critical Function vulnerability in D-Link Dsl-2640B Firmware E1Eu1.01
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices.
network
low complexity
d-link CWE-306
7.5
2019-11-22 CVE-2013-6811 Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dsl6740U Firmware
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev.
network
low complexity
d-link CWE-352
8.8
2019-10-16 CVE-2019-17663 Cross-site Scripting vulnerability in D-Link Dir-866L Firmware 1.03B04
D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection.
network
low complexity
d-link CWE-79
6.1