Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2020-24577 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dsl-2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 5.0 |
| 2020-12-30 | CVE-2019-12768 | Improper Authentication vulnerability in Dlink Dap-1650 Firmware An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. | 7.5 |
| 2020-12-15 | CVE-2020-25759 | Improper Input Validation vulnerability in Dlink products An issue was discovered on D-Link DSR-250 3.17 devices. | 9.0 |
| 2020-12-15 | CVE-2020-25758 | Improper Validation of Integrity Check Value vulnerability in Dlink products An issue was discovered on D-Link DSR-250 3.17 devices. | 9.0 |
| 2020-12-15 | CVE-2020-25757 | Improper Input Validation vulnerability in Dlink products A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. | 8.3 |
| 2020-10-06 | CVE-2020-26582 | Command Injection vulnerability in Dlink Dap-1360U Firmware D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18). | 9.0 |
| 2020-09-19 | CVE-2020-25786 | Cross-Site Scripting vulnerability in Dlink products ** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. | 4.3 |
| 2020-09-14 | CVE-2018-20432 | USE of Hard-Coded Credentials vulnerability in Dlink Covr-2600R Firmware and Covr-3902 Firmware D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration. | 10.0 |
| 2020-09-02 | CVE-2020-25079 | Unspecified vulnerability in Dlink Dcs-2530L Firmware and Dcs-2670L Firmware An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. | 9.0 |
| 2020-07-23 | CVE-2020-15632 | Incorrect Implementation of Authentication Algorithm vulnerability in Dlink Dir-842 Firmware This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-842 3.13B05 routers. | 5.8 |