Vulnerabilities > D Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-06-07 | CVE-2006-2901 | Information Disclosure vulnerability in D-Link DWL-2100AP The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords. | 5.0 |
| 2006-05-30 | CVE-2006-2653 | Cross-Site Scripting vulnerability in D-Link Airspot DSA-3100 Gateway Login_error.SHTML Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. | 2.6 |
| 2006-05-12 | CVE-2006-2337 | Path Traversal vulnerability in D-Link Dsl-G604T Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | 5.0 |
| 2006-02-19 | CVE-2006-0784 | Denial Of Service vulnerability in D-Link DWL-G700AP HTTPD D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. | 5.0 |
| 2005-12-31 | CVE-2005-4723 | Denial of Service vulnerability in D-Link Di-524, Di-624 and Di-784 D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. | 5.0 |
| 2005-05-26 | CVE-2005-1828 | Information Disclosure vulnerability in D-Link Dsl-504T V1.00B01T16.Eu.20040217 D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | 7.5 |
| 2005-05-26 | CVE-2005-1827 | Remote Authentication Bypass vulnerability in D-Link Dsl-504T V1.00B01T16.Eu.20040217 D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg. | 7.5 |
| 2005-05-20 | CVE-2005-1680 | Security Bypass vulnerability in DSL-562T D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. | 7.5 |
| 2004-12-06 | CVE-2004-0615 | Unspecified vulnerability in D-Link Di-614+, Di-624 and Di-704P Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. | 5.1 |
| 2004-08-31 | CVE-2004-1650 | Remote Configuration vulnerability in D-Link Dcs-900 Internet Camera 2.10/2.20/2.28 D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. | 7.5 |