High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-03	CVE-2018-8941	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01 Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. network low complexity d-link CWE-119	8.8
2018-03-05	CVE-2018-7698	Insufficiently Protected Credentials vulnerability in D-Link Mydlink+ 3.8.5 An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. network high complexity d-link CWE-522	8.1
2018-01-12	CVE-2018-5371	OS Command Injection vulnerability in D-Link Dsl-2540U Firmware and Dsl-2640U Firmware diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request. network low complexity d-link CWE-78	8.8
2017-11-15	CVE-2017-7851	Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dcs-936L D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substring of the HTTP Referer header. network low complexity d-link CWE-352	8.8
2017-04-24	CVE-2015-7245	Path Traversal vulnerability in D-Link Dvg-N5402Sp Firmware W1000Cn00/W1000Cn03/W2000En00 Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. network low complexity d-link CWE-22	7.5
2017-04-21	CVE-2016-1559	Information Exposure vulnerability in D-Link products D-Link DAP-1353 H/W vers. network high complexity d-link CWE-200	8.1
2017-04-04	CVE-2017-7398	Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-615 Firmware 20.09 D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. network low complexity d-link CWE-352	8.8
2017-03-22	CVE-2017-5874	Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-600M Firmware CSRF exists on D-Link DIR-600M Rev. network low complexity d-link CWE-352	8.8
2017-03-06	CVE-2017-5633	Cross-Site Request Forgery (CSRF) vulnerability in D-Link Di-524 Firmware 9.01 Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. network low complexity d-link CWE-352	8.0