Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2022-43631 | OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. | 6.8 |
| 2023-03-29 | CVE-2022-43632 | OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. | 6.8 |
| 2023-03-29 | CVE-2022-43633 | OS Command Injection vulnerability in Dlink Dir-1935 Firmware 1.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. | 6.8 |
| 2023-03-16 | CVE-2023-25280 | OS Command Injection vulnerability in Dlink Dir820La1 Firmware 105B03 OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. | 9.8 |
| 2023-03-16 | CVE-2023-25281 | Out-of-bounds Write vulnerability in Dlink Dir820La1 Firmware 105B03 A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | 7.5 |
| 2023-03-15 | CVE-2023-25282 | Out-of-bounds Write vulnerability in Dlink Dir-820L Firmware 1.06 A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | 6.5 |
| 2023-03-13 | CVE-2023-25279 | OS Command Injection vulnerability in Dlink Dir-820L Firmware 105B03 OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |
| 2023-03-13 | CVE-2023-24762 | OS Command Injection vulnerability in Dlink Dir-867 Firmware 1.30B07 OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1. | 9.8 |
| 2023-03-13 | CVE-2023-25283 | Out-of-bounds Write vulnerability in Dlink Dir-820L Firmware 1.06B02 A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | 7.5 |
| 2023-02-11 | CVE-2023-0127 | Command Injection vulnerability in Dlink Dwl-2600Ap Firmware 4.2.0.17 A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root. | 7.8 |