Vulnerabilities > Dlink

DATE CVE VULNERABILITY TITLE RISK
2019-01-02 CVE-2018-20114 OS Command Injection vulnerability in Dlink Dir-818Lw Firmware and Dir-860L Firmware
On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2018-12-25 CVE-2018-20445 Insufficiently Protected Credentials vulnerability in Dlink Dcm-604 Firmware and Dcm-704 Firmware
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.32 and iso.3.6.1.4.1.4413.2.2.2.1.5.4.2.4.1.2.32 SNMP requests.
network
low complexity
dlink CWE-522
critical
 9.8
9.8
2018-12-21 CVE-2018-18009 Use of Hard-coded Credentials vulnerability in Dlink Dir-140L Firmware and Dir-640L Firmware
dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials.
network
low complexity
dlink CWE-798
critical
 9.8
9.8
2018-12-21 CVE-2018-18008 Use of Hard-coded Credentials vulnerability in Dlink products
spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials.
network
low complexity
dlink CWE-798
critical
 9.8
9.8
2018-12-21 CVE-2018-18007 Use of Hard-coded Credentials vulnerability in Dlink Dsl-2770L Firmware Me1.01/Me1.02/Me1.06
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials.
network
low complexity
dlink CWE-798
critical
 9.8
9.8
2018-12-20 CVE-2018-18767 Inadequate Encryption Strength vulnerability in multiple products
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06.
local
high complexity
dlink d-link CWE-326
7.0
7.0
2018-12-20 CVE-2018-18441 Information Exposure vulnerability in multiple products
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration.
network
low complexity
d-link dlink CWE-200
7.5
7.5
2018-12-18 CVE-2018-17777 Improper Authentication vulnerability in Dlink Dva-5592 Firmware A1Wi20180823
An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices.
network
low complexity
dlink CWE-287
critical
 9.8
9.8
2018-10-17 CVE-2018-10824 Insufficiently Protected Credentials vulnerability in Dlink products
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices.
network
low complexity
dlink CWE-522
critical
 9.8
9.8
2018-10-17 CVE-2018-10823 OS Command Injection vulnerability in Dlink products
An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices.
network
low complexity
dlink CWE-78
8.8
8.8