Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-32092 | OS Command Injection vulnerability in Dlink Dir-645 Firmware 1.03 D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. | 9.8 |
| 2022-06-16 | CVE-2018-18907 | Improper Authentication vulnerability in Dlink Dir-850L Firmare An issue was discovered on D-Link DIR-850L 1.21WW devices. | 7.5 |
| 2022-06-03 | CVE-2022-29778 | Unspecified vulnerability in Dlink Dir-890L Firmware D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php | 8.8 |
| 2022-06-02 | CVE-2022-30521 | Out-of-bounds Write vulnerability in Dlink Dir-890L Firmware 1.05/1.07B09 The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. | 9.8 |
| 2022-05-23 | CVE-2022-28932 | Incorrect Default Permissions vulnerability in Dlink Dsl-G2452Dg Firmware D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. | 9.8 |
| 2022-05-18 | CVE-2022-28955 | Improper Authentication vulnerability in Dlink Dir-816L Firmware 206B01 An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php. | 7.5 |
| 2022-05-18 | CVE-2022-28956 | Unspecified vulnerability in Dlink Dir-816L Firmware 206B01 An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. | 9.8 |
| 2022-05-17 | CVE-2022-29332 | Path Traversal vulnerability in Dlink Dir-825 Firmware 2022.01.1313.48 D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. | 6.5 |
| 2022-05-10 | CVE-2022-28895 | OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06 A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |
| 2022-05-10 | CVE-2022-28896 | OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06 A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |