Vulnerabilities > Dlink

DATE CVE VULNERABILITY TITLE RISK
2022-11-03 CVE-2022-43109 Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-10-31 CVE-2020-21016 Unspecified vulnerability in Dlink Dir-846 Firmware 100A35
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
network
low complexity
dlink
critical
 9.8
9.8
2022-10-26 CVE-2022-42998 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-10-26 CVE-2022-42999 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.
network
low complexity
dlink CWE-78
7.5
7.5
2022-10-26 CVE-2022-43000 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-10-26 CVE-2022-43001 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-10-26 CVE-2022-43002 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-10-26 CVE-2022-43003 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-10-19 CVE-2022-43184 OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.30B08
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-10-19 CVE-2016-20017 Command Injection vulnerability in Dlink Dsl-2750B Firmware
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.
network
low complexity
dlink CWE-77
critical
 9.8
9.8