Vulnerabilities > D Link > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-18 CVE-2018-10967 OS Command Injection vulnerability in D-Link Dir-550A Firmware and Dir-604M Firmware
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.
network
low complexity
d-link CWE-78
8.8
8.8
2018-05-04 CVE-2018-10750 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-05-04 CVE-2018-10749 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-05-04 CVE-2018-10748 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-05-04 CVE-2018-10747 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-05-04 CVE-2018-10746 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-05-03 CVE-2018-10713 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 EU 1.01 devices.
network
low complexity
d-link CWE-119
8.8
8.8
2018-04-26 CVE-2018-10431 OS Command Injection vulnerability in D-Link Dir-615 Firmware 2.5.17
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen.
network
low complexity
d-link CWE-78
7.2
7.2
2018-04-03 CVE-2018-8941 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v.
network
low complexity
d-link CWE-119
8.8
8.8
2018-01-12 CVE-2018-5371 OS Command Injection vulnerability in D-Link Dsl-2540U Firmware and Dsl-2640U Firmware
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
network
low complexity
d-link CWE-78
8.8
8.8