Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-37129 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. | 8.8 |
| 2022-08-31 | CVE-2022-37130 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability | 9.8 |
| 2022-08-31 | CVE-2022-36620 | Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting. | 7.5 |
| 2022-08-28 | CVE-2022-37056 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main, | 9.8 |
| 2022-08-28 | CVE-2022-36755 | Improper Authentication vulnerability in Dlink Dir-845L Firmware D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | 9.8 |
| 2022-08-28 | CVE-2022-36756 | Code Injection vulnerability in Dlink Dir-845L Firmware DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | 9.8 |
| 2022-08-28 | CVE-2022-37057 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. | 9.8 |
| 2022-08-28 | CVE-2022-38557 | Improper Authentication vulnerability in Dlink Dir-845L Firmware D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | 9.8 |
| 2022-08-23 | CVE-2021-42627 | Unspecified vulnerability in Dlink products The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. | 9.8 |
| 2022-08-23 | CVE-2022-35191 | Improper Resource Shutdown or Release vulnerability in Dlink Dsl-3782 Firmware 1.01 D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request. | 6.5 |