Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-45695 | Out-of-bounds Write vulnerability in Dlink Dir-X4860 Firmware 1.00/1.04 The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device. | 9.8 |
| 2024-09-16 | CVE-2024-45696 | Hidden Functionality vulnerability in Dlink Covr-X1870 Firmware and Dir-X4860 Firmware Certain models of D-Link wireless routers contain hidden functionality. | 8.8 |
| 2024-09-16 | CVE-2024-45697 | Hidden Functionality vulnerability in Dlink Dir-X4860 Firmware 1.00/1.04 Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. | 9.8 |
| 2024-09-16 | CVE-2024-45698 | Use of Hard-coded Credentials vulnerability in Dlink Dir-X4860 Firmware 1.00/1.04 Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device. | 9.8 |
| 2024-09-09 | CVE-2024-44410 | Command Injection vulnerability in Dlink Di-8300 Firmware 16.07.26A1 D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. | 9.8 |
| 2024-09-09 | CVE-2024-44375 | Out-of-bounds Write vulnerability in Dlink Di-8100 Firmware 16.07.26A1 D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. | 7.5 |
| 2024-09-06 | CVE-2024-44401 | Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1 D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file | 9.8 |
| 2024-09-06 | CVE-2024-44402 | Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1 D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. | 9.8 |
| 2024-09-06 | CVE-2024-44408 | Missing Authorization vulnerability in Dlink Dir-823G Firmware 1.0.2B0520181207 D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. | 7.5 |
| 2024-09-05 | CVE-2024-8461 | Unspecified vulnerability in Dlink Dns-320 Firmware 2.02B01 A vulnerability, which was classified as problematic, was found in D-Link DNS-320 2.02b01. | 5.3 |