Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-19 | CVE-2018-6210 | Use of Hard-coded Credentials vulnerability in Dlink Dir-620 Firmware 1.0.37 D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session. | 9.8 |
| 2018-05-23 | CVE-2018-8898 | Improper Authentication vulnerability in Dlink Dsl-3782 Firmware 3.10.0.24 A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel. | 9.8 |
| 2018-05-10 | CVE-2018-10957 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-868L Firmware 1.12 CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. | 8.8 |
| 2018-05-04 | CVE-2018-10641 | Improper Authentication vulnerability in Dlink Dir-601 Firmware 1.02Na D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext. | 8.1 |
| 2018-05-01 | CVE-2017-17020 | OS Command Injection vulnerability in Dlink products On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system. | 8.8 |
| 2018-04-16 | CVE-2018-10108 | Cross-site Scripting vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 6.1 |
| 2018-04-16 | CVE-2018-10107 | Cross-site Scripting vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 6.1 |
| 2018-04-16 | CVE-2018-10106 | Information Exposure vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 9.8 |
| 2018-04-12 | CVE-2015-0153 | Key Management Errors vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key. | 7.5 |
| 2018-04-12 | CVE-2015-0152 | Information Exposure vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password. | 9.8 |