Vulnerabilities > D Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-44929 | Unspecified vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03 An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. | 9.8 |
| 2022-12-02 | CVE-2022-44928 | OS Command Injection vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03 D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. | 9.8 |
| 2021-10-31 | CVE-2021-33259 | Missing Authentication for Critical Function vulnerability in D-Link Dir-868Lw Firmware 1.12B Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history. | 5.3 |
| 2021-09-24 | CVE-2021-41503 | Improper Authentication vulnerability in multiple products DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. | 8.0 |
| 2021-04-07 | CVE-2021-26709 | Out-of-bounds Write vulnerability in D-Link Dsl-320B-D1 D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass parameters. | 9.8 |
| 2020-08-18 | CVE-2019-6258 | Classic Buffer Overflow vulnerability in D-Link Dir-822 Firmware D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file. | 9.8 |
| 2020-07-23 | CVE-2020-15633 | Authentication Bypass Using an Alternate Path or Channel vulnerability in D-Link products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. | 8.8 |
| 2020-03-05 | CVE-2020-9544 | Improper Authentication vulnerability in D-Link Dsl-2640B Firmware E1Eu1.01 An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. | 5.0 |
| 2019-11-22 | CVE-2013-6811 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dsl6740U Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. | 6.8 |
| 2019-10-16 | CVE-2019-17663 | Cross-site Scripting vulnerability in D-Link Dir-866L Firmware 1.03B04 D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection. | 6.1 |