Vulnerabilities > D Link > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-24 | CVE-2021-41503 | Improper Authentication vulnerability in multiple products DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. | 8.0 |
| 2020-07-23 | CVE-2020-15633 | Authentication Bypass Using an Alternate Path or Channel vulnerability in D-Link products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. | 8.8 |
| 2018-12-20 | CVE-2018-18767 | Inadequate Encryption Strength vulnerability in multiple products An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. | 7.0 |
| 2018-12-20 | CVE-2018-18442 | Unspecified vulnerability in D-Link Dcs-825L Firmware 1.08 D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. | 7.5 |
| 2018-12-20 | CVE-2018-18441 | Information Exposure vulnerability in multiple products D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. | 7.5 |
| 2018-12-11 | CVE-2018-20057 | OS Command Injection vulnerability in D-Link Dir-605L Firmware and Dir-619L Firmware An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. | 8.8 |
| 2018-10-09 | CVE-2018-14080 | Improper Authentication vulnerability in D-Link products An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. | 7.5 |
| 2018-10-03 | CVE-2018-17880 | Missing Authentication for Critical Function vulnerability in D-Link Dir-823G Firmware On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot. | 7.5 |
| 2018-09-03 | CVE-2018-16408 | OS Command Injection vulnerability in D-Link Dir-846 Firmware 100.26 D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. | 7.2 |
| 2018-06-20 | CVE-2018-6211 | OS Command Injection vulnerability in D-Link Dir-620 Firmware On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi. | 7.2 |