Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-5074 Use of Hard-coded Credentials vulnerability in Dlink D-View 8 2.0.1.28
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28
network
low complexity
dlink CWE-798
critical
 9.8
9.8
2023-09-20 CVE-2023-43196 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43197 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43198 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43199 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43200 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the id parameter in the yyxz.data function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43201 Out-of-bounds Write vulnerability in Dlink Di-7200G Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the hi_up parameter in the qos_ext.asp function.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43202 Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcap_download_handler.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2023-09-20 CVE-2023-43203 Out-of-bounds Write vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-09-20 CVE-2023-43204 Command Injection vulnerability in Dlink Dwl-6610Ap Firmware 4.3.0.8B003C
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50.
network
low complexity
dlink CWE-77
critical
 9.8
9.8