Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-30 | CVE-2016-10180 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 7.5 |
| 2017-01-30 | CVE-2016-10179 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 5.0 |
| 2017-01-30 | CVE-2016-10178 | 7PK - Security Features vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 10.0 |
| 2017-01-30 | CVE-2016-10177 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 10.0 |
| 2017-01-09 | CVE-2016-10125 | Use of Hard-coded Credentials vulnerability in Dlink Dgs-1100 Firmware 1.01.018 D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. | 8.1 |
| 2016-08-25 | CVE-2016-5681 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie. | 9.8 |
| 2014-01-23 | CVE-2013-7308 | Unspecified vulnerability in Dlink Des-3810-28 and Des-3810-28 Firmware The OSPF implementation on the D-Link DES-3810-28 switch with firmware R2.20.B017 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
| 2013-11-22 | CVE-2013-5998 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5997. | 7.8 |
| 2013-11-22 | CVE-2013-5997 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5998. | 6.8 |
| 2013-11-20 | CVE-2013-5730 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to wlmacflt.cmd, (2) enable or disable firewall protections via a request to scdmz.cmd, or (3) enable or disable remote management via a save action to scsrvcntr.cmd. | 6.8 |