Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-31 | CVE-2021-43722 | Out-of-bounds Write vulnerability in Dlink Dir-645 Firmware 1.03 D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. | 9.8 |
| 2022-03-28 | CVE-2022-26258 | OS Command Injection vulnerability in Dlink Dir-820L Firmware 1.05 D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | 9.8 |
| 2022-03-27 | CVE-2021-44127 | Unspecified vulnerability in Dlink Dap-1360F1 Firmware 6.10 In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized. | 9.8 |
| 2022-03-24 | CVE-2021-31326 | Improper Authentication vulnerability in Dlink Dir-816 Firmware 1.10Cnb05 D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi. | 9.8 |
| 2022-03-04 | CVE-2021-46353 | Information Exposure Through an Error Message vulnerability in Dlink Dir-X1860 Firmware 1.03 An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. | 5.3 |
| 2022-03-04 | CVE-2022-25106 | Out-of-bounds Write vulnerability in Dlink Dir-859 A3 Firmware and Dir-859 Firmware D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. | 5.5 |
| 2022-03-04 | CVE-2021-46379 | Open Redirect vulnerability in Dlink Dir-850L Firmware 1.08Trb03 DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | 6.1 |
| 2022-03-04 | CVE-2021-46381 | Path Traversal vulnerability in Dlink Dap-1620 Firmware Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. | 7.5 |
| 2022-03-04 | CVE-2021-46378 | Forced Browsing vulnerability in Dlink Dir-850L Firmware 1.08Trb03 DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download. | 7.5 |
| 2022-02-18 | CVE-2021-46108 | Cross-site Scripting vulnerability in Dlink Dsl-2730E Firmware Ct20131125 D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. | 5.4 |