Vulnerabilities > Dlink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-7406 | Missing Encryption of Sensitive Data vulnerability in Dlink Dir-615 20.12Ptb01 The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of the authenticated pages. | 9.8 |
| 2017-07-07 | CVE-2017-7405 | Improper Authentication vulnerability in Dlink Dir-615 20.12Ptb01 On the D-Link DIR-615 before v20.12PTb04, once authenticated, this device identifies the user based on the IP address of his machine. | 9.8 |
| 2017-07-07 | CVE-2017-7404 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-615 20.12Ptb01 On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). | 8.8 |
| 2017-06-15 | CVE-2017-9675 | Improper Input Validation vulnerability in Dlink Dir-605L Firmware 2.08B01 On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot. | 7.5 |
| 2017-05-21 | CVE-2017-9100 | Improper Authentication vulnerability in Dlink Dir-600M Firmware 3.04 login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt. | 8.8 |
| 2017-04-24 | CVE-2017-7852 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink products D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. | 8.8 |
| 2017-04-21 | CVE-2016-1558 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink products Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. | 9.8 |
| 2017-04-10 | CVE-2017-6190 | Path Traversal vulnerability in Dlink Dwr-116 Firmware V1.00(Cp)B10/V1.01(Eu)/V1.05(Au) Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-03-06 | CVE-2017-6411 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2730U Firmware In1.00 Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. | 8.8 |
| 2017-02-23 | CVE-2017-6206 | Information Exposure vulnerability in Dlink Websmart Dgs-1510 Series Firmware 1.31.B001 D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure attacks via unspecified vectors. | 7.5 |