Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-44801 Unspecified vulnerability in Dlink Dir-878 Firmware 1.02B05
D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.
network
low complexity
dlink
critical
 9.8
9.8
2022-11-22 CVE-2022-44804 Out-of-bounds Write vulnerability in Dlink Dir-882 Firmware 1.10B02/1.20B06
D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44806 Out-of-bounds Write vulnerability in Dlink Dir-882 Firmware 1.10B02/1.20B06
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44807 Out-of-bounds Write vulnerability in Dlink Dir-882 Firmware 1.10B02/1.20B06
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-11-22 CVE-2022-44808 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B03
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-11-18 CVE-2022-44204 Classic Buffer Overflow vulnerability in Dlink Dir-3060 Firmware 1.11B04
D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.
network
low complexity
dlink CWE-120
critical
 9.8
9.8
2022-11-17 CVE-2022-36786 Command Injection vulnerability in Dlink Dsl-224 Firmware
DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router.
network
low complexity
dlink CWE-77
critical
 9.9
9.9
2022-11-03 CVE-2022-43109 Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-10-31 CVE-2020-21016 Unspecified vulnerability in Dlink Dir-846 Firmware 100A35
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
network
low complexity
dlink
critical
 9.8
9.8
2022-10-26 CVE-2022-42998 Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.
network
low complexity
dlink CWE-787
critical
 9.8
9.8