Vulnerabilities > D Link > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-44929 | Unspecified vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03 An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. | 9.8 |
| 2022-12-02 | CVE-2022-44928 | OS Command Injection vulnerability in D-Link Dvg-G5402Sp Firmware Ge1.03 D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. | 9.8 |
| 2021-04-07 | CVE-2021-26709 | Out-of-bounds Write vulnerability in D-Link Dsl-320B-D1 D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass parameters. | 9.8 |
| 2020-08-18 | CVE-2019-6258 | Classic Buffer Overflow vulnerability in D-Link Dir-822 Firmware D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file. | 9.8 |
| 2019-05-13 | CVE-2018-19990 | OS Command Injection vulnerability in D-Link Dir-822 Firmware 202Krb06 In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. | 9.8 |
| 2019-05-13 | CVE-2018-19989 | OS Command Injection vulnerability in multiple products In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. | 9.8 |
| 2019-05-13 | CVE-2018-19988 | OS Command Injection vulnerability in D-Link Dir-868L Firmware 2.05B02 In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. | 9.8 |
| 2019-05-13 | CVE-2018-19987 | OS Command Injection vulnerability in multiple products D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. | 9.8 |
| 2019-05-13 | CVE-2018-19986 | OS Command Injection vulnerability in D-Link Dir-818Lw Firmware and Dir-822 Firmware In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. | 9.8 |
| 2019-04-11 | CVE-2018-19300 | Improper Input Validation vulnerability in multiple products On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory. | 9.8 |