Vulnerabilities > Dlink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-08 | CVE-2024-39202 | Unspecified vulnerability in Dlink Dir-823X Ax3000 Firmware 240126 D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. | 8.8 |
2024-07-05 | CVE-2024-6525 | Deserialization of Untrusted Data vulnerability in Dlink Dar-7000 Firmware 100A53Dbr/20151231/31R02B1413C ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. | 8.8 |
2024-04-04 | CVE-2024-3272 | Use of Hard-coded Credentials vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. | 9.8 |
2024-04-04 | CVE-2024-3273 | Command Injection vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. | 9.8 |
2024-02-08 | CVE-2024-24321 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb05 An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. | 9.8 |
2024-02-06 | CVE-2024-22852 | Out-of-bounds Write vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. | 9.8 |
2024-02-06 | CVE-2024-22853 | Use of Hard-coded Credentials vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | 9.8 |
2024-01-26 | CVE-2024-0921 | OS Command Injection vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb04 A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. | 9.8 |
2024-01-26 | CVE-2024-23624 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. | 9.8 |
2024-01-26 | CVE-2024-23625 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. | 9.8 |