Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2021-20696 | OS Command Injection vulnerability in Dlink Dap-1880Ac Firmware DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program. | 9.0 |
| 2021-04-14 | CVE-2021-27250 | External Control of File Name or Path vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 6.5 |
| 2021-04-14 | CVE-2021-27249 | OS Command Injection vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 8.8 |
| 2021-04-14 | CVE-2021-27248 | Stack-based Buffer Overflow vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 8.8 |
| 2021-04-12 | CVE-2021-29379 | OS Command Injection vulnerability in Dlink Dir-802 Firmware 1.00B05 An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. | 8.8 |
| 2021-04-02 | CVE-2020-27600 | OS Command Injection vulnerability in Dlink Dir-846 Firmware A1100.26 HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter. | 10.0 |
| 2021-04-02 | CVE-2021-30072 | Out-of-bounds Write vulnerability in Dlink Dir-878 Firmware An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. | 7.5 |
| 2021-03-30 | CVE-2021-26810 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. | 10.0 |
| 2021-03-11 | CVE-2021-28143 | Command Injection vulnerability in Dlink Dir-841 Firmware 3.03/3.04 /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). | 7.7 |
| 2021-03-11 | CVE-2021-28144 | Command Injection vulnerability in Dlink Dir-3060 Firmware prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely. | 9.0 |