Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-20 | CVE-2013-3095 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir865L and Dir865L Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. | 6.8 |
| 2013-11-19 | CVE-2013-5223 | Cross-Site Scripting vulnerability in Dlink Dsl-2760U Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. | 3.5 |
| 2013-11-19 | CVE-2013-2271 | Permissions, Privileges, and Access Controls vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi. | 7.6 |
| 2013-09-20 | CVE-2013-4707 | Permissions, Privileges, and Access Controls vulnerability in Dlink Des-3810 and Des-3810 Firmware The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access. | 6.3 |
| 2013-09-20 | CVE-2013-4706 | Permissions, Privileges, and Access Controls vulnerability in Dlink Dwl-2100Ap and Dwl-2100Ap Firmware The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access. | 6.3 |
| 2012-10-08 | CVE-2012-5319 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dcs-2000, Dcs-5300 and Dcs-900 Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the rootpass parameter. | 6.8 |
| 2012-10-08 | CVE-2012-1308 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2640B and Dsl-2640B Firmware Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter. | 6.8 |
| 2011-11-22 | CVE-2011-4507 | Cryptographic Issues vulnerability in Dlink Dir-685 The D-Link DIR-685 router, when certain WPA and WPA2 configurations are used, does not maintain an encrypted wireless network during transfer of a large amount of network traffic, which allows remote attackers to obtain sensitive information or bypass authentication via a Wi-Fi device. | 7.5 |
| 2011-11-03 | CVE-2011-3992 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dlink products Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | 10.0 |
| 2011-10-16 | CVE-2010-4965 | Credentials Management vulnerability in Dlink Dcs-2121 and Dcs-2121 Firmware /etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server. | 9.0 |