Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-17 | CVE-2021-46315 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. | 9.8 |
| 2022-02-17 | CVE-2021-46319 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. | 9.8 |
| 2022-02-17 | CVE-2021-45382 | OS Command Injection vulnerability in Dlink products A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. | 9.8 |
| 2022-02-17 | CVE-2021-46314 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name. | 9.8 |
| 2022-02-10 | CVE-2021-41445 | Cross-site Scripting vulnerability in Dlink Dir-X1860 Firmware 1.03 A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim. | 6.1 |
| 2022-02-09 | CVE-2021-41442 | HTTP Request Smuggling vulnerability in Dlink Dir-X1860 Firmware 1.03 An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | 7.5 |
| 2022-02-09 | CVE-2021-41441 | Improper Resource Shutdown or Release vulnerability in Dlink Dir-X1860 Firmware 1.03 A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. | 7.4 |
| 2022-02-04 | CVE-2021-44880 | Command Injection vulnerability in Dlink Dir-878 Firmware and Dir-882 Firmware D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. | 9.8 |
| 2022-02-04 | CVE-2021-44881 | Command Injection vulnerability in Dlink Dir-882 Firmware D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. | 9.8 |
| 2022-02-04 | CVE-2021-44882 | Command Injection vulnerability in Dlink Dir-878 Firmware D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. | 9.8 |