Vulnerabilities > Dlink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-16 | CVE-2010-4964 | Code Injection vulnerability in Dlink Dcs-2121 and Dcs-2121 Firmware recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability. | 9.0 |
2010-04-27 | CVE-2009-4821 | Improper Authentication vulnerability in Dlink Dir-615 3.10Na The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors. | 5.0 |
2009-05-20 | CVE-2009-1740 | Buffer Errors vulnerability in Dlink Mpeg4 Viewer Activex Control 2.11.918.2006 Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods. | 9.3 |
2005-05-26 | CVE-2005-1828 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dsl-504T Firmware D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | 7.5 |
2002-12-31 | CVE-2002-1810 | Missing Authentication for Critical Function vulnerability in Dlink Dwl-900Ap+ Firmware 2.1/2.2 D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. | 7.5 |