Vulnerabilities > Dlink

DATE CVE VULNERABILITY TITLE RISK
2019-04-11 CVE-2018-19300 Improper Input Validation vulnerability in multiple products
On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory.
network
low complexity
d-link dlink CWE-20
critical
 9.8
9.8
2019-04-01 CVE-2018-17990 OS Command Injection vulnerability in Dlink Dsl-3782 Firmware 1.01
An issue was discovered on D-Link DSL-3782 devices with firmware 1.01.
network
low complexity
dlink CWE-78
8.8
8.8
2019-04-01 CVE-2018-17989 Cross-site Scripting vulnerability in Dlink Dsl-3782 Firmware 1.01
A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page.
network
low complexity
dlink CWE-79
5.4
5.4
2019-03-25 CVE-2019-7642 Missing Authentication for Critical Function vulnerability in Dlink products
D-Link routers with the mydlink feature have some web interfaces without authentication requirements.
network
low complexity
dlink CWE-306
7.5
7.5
2019-03-25 CVE-2019-10042 Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.
network
low complexity
dlink CWE-306
7.5
7.5
2019-03-25 CVE-2019-10041 Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.
network
low complexity
dlink CWE-306
critical
 9.8
9.8
2019-03-25 CVE-2019-10040 Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.
network
low complexity
dlink CWE-306
critical
 9.8
9.8
2019-03-25 CVE-2019-10039 Missing Authentication for Critical Function vulnerability in Dlink Dir-816 Firmware 1.11
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.
network
low complexity
dlink CWE-306
critical
 9.8
9.8
2019-02-25 CVE-2019-9126 Information Exposure vulnerability in Dlink Dir-825 Rev.B Firmware 2.10
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices.
network
low complexity
dlink CWE-200
7.5
7.5
2019-02-25 CVE-2019-9123 Weak Password Requirements vulnerability in Dlink Dir-825 Rev.B Firmware 2.10
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices.
network
low complexity
dlink CWE-521
critical
 9.8
9.8