Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-30 | CVE-2016-10179 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 5.0 |
| 2017-01-30 | CVE-2016-10178 | 7PK - Security Features vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 10.0 |
| 2017-01-30 | CVE-2016-10177 | Use of Hard-coded Credentials vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 10.0 |
| 2017-01-09 | CVE-2016-10125 | Use of Hard-coded Credentials vulnerability in Dlink Dgs-1100 Firmware 1.01.018 D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. | 8.1 |
| 2016-08-25 | CVE-2016-5681 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie. | 9.8 |
| 2015-05-01 | CVE-2014-8361 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | 9.8 |
| 2015-02-23 | CVE-2015-2051 | Command Injection vulnerability in Dlink Dir-645 Firmware 1.03/1.04/1.04B11 The D-Link DIR-645 Wired/Wireless Router Rev. | 9.8 |
| 2015-01-13 | CVE-2014-100005 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-600 Firmware 2.16Ww Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. | 8.8 |
| 2014-01-23 | CVE-2013-7308 | Unspecified vulnerability in Dlink Des-3810-28 and Des-3810-28 Firmware The OSPF implementation on the D-Link DES-3810-28 switch with firmware R2.20.B017 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
| 2013-11-22 | CVE-2013-5998 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5997. | 7.8 |