Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2020-29321 | Insufficiently Protected Credentials vulnerability in Dlink Dir-868L Firmware 3.01 The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 7.5 |
| 2021-06-04 | CVE-2020-29322 | Insufficiently Protected Credentials vulnerability in Dlink Dir-880L Firmware 1.07 The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 7.5 |
| 2021-06-04 | CVE-2020-29323 | Insufficiently Protected Credentials vulnerability in Dlink Dir-885L-Mfc Firmware 1.15B02/1.21B05 The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 7.5 |
| 2021-06-04 | CVE-2020-29324 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dir-895L MFC Firmware 1.21B05 The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 7.5 |
| 2021-05-17 | CVE-2021-27342 | Information Exposure Through Discrepancy vulnerability in Dlink Dir-842E Firmware 3.0.2 An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack | 5.9 |
| 2021-04-26 | CVE-2021-20694 | Unspecified vulnerability in Dlink Dap-1880Ac Firmware 1.21 Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors. | 8.8 |
| 2021-04-26 | CVE-2021-20695 | Improper Certificate Validation vulnerability in Dlink Dap-1880Ac Firmware 1.21 Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to gain root privileges via unspecified vectors. | 8.8 |
| 2021-04-26 | CVE-2021-20697 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware 1.21 Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors. | 9.8 |
| 2021-04-26 | CVE-2021-20696 | OS Command Injection vulnerability in Dlink Dap-1880Ac Firmware 1.21 DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program. | 8.8 |
| 2021-04-14 | CVE-2021-27250 | External Control of File Name or Path vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 6.5 |