Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-20 | CVE-2020-9275 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-10 | CVE-2020-6765 | OS Command Injection vulnerability in Dlink Dsl-Gs225 Firmware Au1.0.4 D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. | 7.2 |
| 2020-03-23 | CVE-2020-8864 | Incorrect Comparison vulnerability in Dlink products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. | 8.8 |
| 2020-03-23 | CVE-2020-8863 | Improper Authentication vulnerability in Dlink products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. | 8.8 |
| 2020-03-21 | CVE-2019-12767 | OS Command Injection vulnerability in Dlink Dap-1650 Firmware An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. | 9.8 |
| 2020-03-19 | CVE-2019-15656 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware and Dsl-2877Al Firmware D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | 7.5 |
| 2020-03-19 | CVE-2019-15655 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware 1.00.05 D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. | 7.5 |
| 2020-03-09 | CVE-2016-11021 | OS Command Injection vulnerability in Dlink Dcs-930L Firmware setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter. | 7.2 |
| 2020-03-07 | CVE-2020-10216 | OS Command Injection vulnerability in multiple products An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 8.8 |
| 2020-03-07 | CVE-2020-10215 | OS Command Injection vulnerability in multiple products An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 8.8 |