Vulnerabilities > Dlink

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2018-18907 Improper Authentication vulnerability in Dlink Dir-850L Firmare
An issue was discovered on D-Link DIR-850L 1.21WW devices.
network
low complexity
dlink CWE-287
5.0
2022-06-03 CVE-2022-29778 Unspecified vulnerability in Dlink Dir-890L Firmware 1.09/1.11B01
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php.
network
low complexity
dlink
6.5
2022-06-02 CVE-2022-30521 Out-of-bounds Write vulnerability in Dlink Dir-890L Firmware
The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions.
network
low complexity
dlink CWE-787
critical
10.0
2022-05-23 CVE-2022-28932 Incorrect Default Permissions vulnerability in Dlink Dsl-G2452Dg Firmware
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
network
low complexity
dlink CWE-276
7.5
2022-05-18 CVE-2022-28955 Improper Authentication vulnerability in Dlink Dir-816L Firmware 206B01
An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.
network
low complexity
dlink CWE-287
5.0
2022-05-18 CVE-2022-28956 Unspecified vulnerability in Dlink Dir-816L Firmware 206B01
An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload.
network
low complexity
dlink
7.5
2022-05-18 CVE-2022-28958 Unspecified vulnerability in Dlink Dir-816L Firmware 206B01
D-Link DIR816L_FW206b01 was discovered to contain a remote code execution (RCE) vulnerability via the value parameter at shareport.php.
network
low complexity
dlink
7.5
2022-05-17 CVE-2022-29332 Path Traversal vulnerability in Dlink Dir-825 Firmware 2022.01.1313.48
D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal.
network
low complexity
dlink CWE-22
4.0
2022-05-10 CVE-2022-28895 Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
network
low complexity
dlink CWE-77
critical
10.0
2022-05-10 CVE-2022-28896 Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06
A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
network
low complexity
dlink CWE-77
critical
10.0