Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-46453 | Command Injection vulnerability in Dlink Dir-823 PRO Firmware 1.0.2 D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStaticRouteSettings. | 9.8 |
| 2022-02-04 | CVE-2021-46454 | Command Injection vulnerability in Dlink Dir-823 PRO Firmware 1.0.2 D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanApcliSettings. | 9.8 |
| 2022-02-04 | CVE-2021-46455 | Command Injection vulnerability in Dlink Dir-823 PRO Firmware 1.0.2 D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetStationSettings. | 9.8 |
| 2022-02-04 | CVE-2021-46456 | Command Injection vulnerability in Dlink Dir-823 PRO Firmware 1.0.2 D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetWLanACLSettings. | 9.8 |
| 2022-02-04 | CVE-2021-46457 | Command Injection vulnerability in Dlink Dir-823 PRO Firmware 1.0.2 D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function ChgSambaUserSettings. | 9.8 |
| 2021-12-30 | CVE-2021-20132 | Use of Hard-coded Credentials vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. | 8.8 |
| 2021-12-30 | CVE-2021-20133 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of those files. | 6.1 |
| 2021-12-30 | CVE-2021-20134 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set an arbitrary file on the router's filesystem as the log file used by either Quagga service (zebra or ripd). | 8.4 |
| 2021-12-01 | CVE-2021-33265 | Out-of-bounds Write vulnerability in Dlink Dir-809 Firmware 1.00/1.02/1.12Wwb03 D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80046eb4 in /formSetPortTr. | 9.8 |
| 2021-12-01 | CVE-2021-33266 | Out-of-bounds Write vulnerability in Dlink Dir-809 Firmware 1.00/1.02/1.12Wwb03 D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_8004776c in /formVirtualApp. | 9.8 |