Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-25 | CVE-2013-4855 | Path Traversal vulnerability in Dlink Dir-865L Firmware D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | 8.8 |
| 2019-10-16 | CVE-2019-17512 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 9.1 |
| 2019-10-14 | CVE-2017-14948 | Classic Buffer Overflow vulnerability in Dlink products Certain D-Link products are affected by: Buffer Overflow. | 9.8 |
| 2019-10-14 | CVE-2019-17511 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 7.5 |
| 2019-10-11 | CVE-2019-17510 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A35 D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php. | 9.8 |
| 2019-10-11 | CVE-2019-17509 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A35 D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php. | 9.8 |
| 2019-10-11 | CVE-2019-17508 | OS Command Injection vulnerability in Dlink Dir-850L a Firmware and Dir-859 A3 Firmware On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable. | 9.8 |
| 2019-10-11 | CVE-2019-17507 | Improper Input Validation vulnerability in Dlink Dir-816 A1 Firmware 1.06 An issue was discovered on D-Link DIR-816 A1 1.06 devices. | 7.5 |
| 2019-10-11 | CVE-2019-17506 | Missing Authentication for Critical Function vulnerability in Dlink Dir-817Lw A1 Firmware and Dir-868L B1 Firmware There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. | 9.8 |
| 2019-10-11 | CVE-2019-17505 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1320 A2 Firmware 1.21 D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplink_info.xml. | 7.5 |