Vulnerabilities > D Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2018-19987 | OS Command Injection vulnerability in D-Link products D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. | 10.0 |
| 2019-05-13 | CVE-2018-19986 | OS Command Injection vulnerability in D-Link Dir-818Lw Firmware and Dir-822 Firmware In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. | 10.0 |
| 2019-04-11 | CVE-2018-19300 | Improper Input Validation vulnerability in D-Link products On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory. | 10.0 |
| 2019-02-25 | CVE-2019-9126 | Information Exposure vulnerability in D-Link Dir-825 Rev.B Firmware 2.10 An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 5.0 |
| 2019-02-25 | CVE-2019-9125 | Missing Authentication for Critical Function vulnerability in D-Link Dir-878 Firmware 1.12B01 An issue was discovered on D-Link DIR-878 1.12B01 devices. | 7.5 |
| 2019-02-25 | CVE-2019-9124 | Improper Authentication vulnerability in D-Link Dir-878 Firmware 1.12B01 An issue was discovered on D-Link DIR-878 1.12B01 devices. | 7.5 |
| 2019-02-25 | CVE-2019-9123 | Weak Password Requirements vulnerability in D-Link Dir-825 Rev.B Firmware 2.10 An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 7.5 |
| 2019-02-25 | CVE-2019-9122 | Unspecified vulnerability in D-Link Dir-825 Rev.B Firmware 2.10 An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 6.5 |
| 2019-01-31 | CVE-2019-7297 | OS Command Injection vulnerability in D-Link Dir-823G Firmware An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. | 10.0 |
| 2019-01-31 | CVE-2018-15517 | Server-Side Request Forgery (SSRF) vulnerability in D-Link Central Wifimanager 1.03 The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. | 5.0 |