Vulnerabilities > Dlink > DIR 867 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-13 CVE-2023-24762 OS Command Injection vulnerability in Dlink Dir-867 Firmware 1.30B07
OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-01-26 CVE-2022-41140 Out-of-bounds Write vulnerability in Dlink products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers.
low complexity
dlink CWE-787
8.8
8.8
2022-04-11 CVE-2022-1262 OS Command Injection vulnerability in Dlink products
A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.
local
low complexity
dlink CWE-78
7.2
7.2
2020-03-23 CVE-2020-8864 Incorrect Comparison vulnerability in Dlink products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04.
low complexity
dlink CWE-697
8.3
8.3
2020-03-23 CVE-2020-8863 Improper Authentication vulnerability in Dlink products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04.
low complexity
dlink CWE-287
8.3
8.3