Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-22 | CVE-2013-5997 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5998. | 6.8 |
| 2013-11-20 | CVE-2013-5730 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to wlmacflt.cmd, (2) enable or disable firewall protections via a request to scdmz.cmd, or (3) enable or disable remote management via a save action to scsrvcntr.cmd. | 6.8 |
| 2013-11-20 | CVE-2013-3095 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir865L and Dir865L Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. | 6.8 |
| 2013-11-19 | CVE-2013-5223 | Cross-site Scripting vulnerability in Dlink Dsl-2760U Firmware Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. | 5.4 |
| 2013-11-19 | CVE-2013-2271 | Permissions, Privileges, and Access Controls vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi. | 7.6 |
| 2013-09-20 | CVE-2013-4707 | Permissions, Privileges, and Access Controls vulnerability in Dlink Des-3810 and Des-3810 Firmware The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access. | 6.3 |
| 2013-09-20 | CVE-2013-4706 | Permissions, Privileges, and Access Controls vulnerability in Dlink Dwl-2100Ap and Dwl-2100Ap Firmware The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access. | 6.3 |
| 2012-10-08 | CVE-2012-5319 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dcs-2000, Dcs-5300 and Dcs-900 Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the rootpass parameter. | 6.8 |
| 2012-10-08 | CVE-2012-1308 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2640B and Dsl-2640B Firmware Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter. | 6.8 |
| 2011-11-22 | CVE-2011-4507 | Cryptographic Issues vulnerability in Dlink Dir-685 The D-Link DIR-685 router, when certain WPA and WPA2 configurations are used, does not maintain an encrypted wireless network during transfer of a large amount of network traffic, which allows remote attackers to obtain sensitive information or bypass authentication via a Wi-Fi device. | 7.5 |