Vulnerabilities > Dlink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-08-25 | CVE-2016-5681 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie. | 9.8 |
2015-05-01 | CVE-2014-8361 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | 9.8 |
2015-02-23 | CVE-2015-2051 | Command Injection vulnerability in Dlink Dir-645 Firmware 1.03/1.04/1.04B11 The D-Link DIR-645 Wired/Wireless Router Rev. | 9.8 |
2015-01-13 | CVE-2014-100005 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-600 Firmware 2.16Ww Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. | 8.8 |
2014-01-23 | CVE-2013-7308 | Unspecified vulnerability in Dlink Des-3810-28 and Des-3810-28 Firmware The OSPF implementation on the D-Link DES-3810-28 switch with firmware R2.20.B017 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2013-11-22 | CVE-2013-5998 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5997. | 7.8 |
2013-11-22 | CVE-2013-5997 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5998. | 6.8 |
2013-11-20 | CVE-2013-5730 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to wlmacflt.cmd, (2) enable or disable firewall protections via a request to scdmz.cmd, or (3) enable or disable remote management via a save action to scsrvcntr.cmd. | 6.8 |
2013-11-20 | CVE-2013-3095 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir865L and Dir865L Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. | 6.8 |
2013-11-19 | CVE-2013-5223 | Cross-site Scripting vulnerability in Dlink Dsl-2760U Firmware Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. | 5.4 |