Vulnerabilities > Dlink

DATE CVE VULNERABILITY TITLE RISK
2023-05-23 CVE-2023-31814 Unspecified vulnerability in Dlink Dir-300 Firmware
D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.
network
low complexity
dlink
critical
9.8
2023-05-16 CVE-2023-29961 Out-of-bounds Write vulnerability in Dlink Dir-605L Firmware 1.17B01
D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,
network
low complexity
dlink CWE-787
critical
9.8
2023-05-02 CVE-2023-29856 Classic Buffer Overflow vulnerability in Dlink Dir-868L Firmware 1.12
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow.
network
low complexity
dlink CWE-120
critical
9.8
2023-05-01 CVE-2023-30061 Improper Authentication vulnerability in Dlink Dir-879 Firmware 1.10
D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.
network
low complexity
dlink CWE-287
7.5
2023-05-01 CVE-2023-30063 Improper Authentication vulnerability in Dlink Dir-890L Firmware 1.05
D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.
network
low complexity
dlink CWE-287
7.5
2023-04-17 CVE-2023-29665 Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
network
low complexity
dlink CWE-787
critical
9.8
2023-04-16 CVE-2022-40946 Unspecified vulnerability in Dlink Dir-819 Firmware 1.06
On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request.
network
low complexity
dlink
7.5
2023-04-12 CVE-2023-27216 OS Command Injection vulnerability in Dlink Dsl-3782 Firmware 1.03
An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page.
network
low complexity
dlink CWE-78
8.8
2023-03-16 CVE-2023-25280 OS Command Injection vulnerability in Dlink Dir820La1 Firmware 105B03
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
network
low complexity
dlink CWE-78
critical
9.8
2023-03-16 CVE-2023-25281 Out-of-bounds Write vulnerability in Dlink Dir820La1 Firmware 105B03
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
network
low complexity
dlink CWE-787
7.5