Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-28 | CVE-2022-37057 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. | 9.8 |
| 2022-08-28 | CVE-2022-38557 | Improper Authentication vulnerability in Dlink Dir-845L Firmware D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | 9.8 |
| 2022-08-23 | CVE-2021-42627 | Unspecified vulnerability in Dlink products The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. | 9.8 |
| 2022-08-22 | CVE-2022-37134 | Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. | 9.8 |
| 2022-06-27 | CVE-2022-32092 | OS Command Injection vulnerability in Dlink Dir-645 Firmware 1.03 D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. | 9.8 |
| 2022-06-02 | CVE-2022-30521 | Out-of-bounds Write vulnerability in Dlink Dir-890L Firmware 1.05/1.07B09 The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. | 9.8 |
| 2022-05-23 | CVE-2022-28932 | Incorrect Default Permissions vulnerability in Dlink Dsl-G2452Dg Firmware D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. | 9.8 |
| 2022-05-10 | CVE-2022-28895 | OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06 A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |
| 2022-05-10 | CVE-2022-28896 | OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06 A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |
| 2022-05-10 | CVE-2022-28901 | OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06 A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | 9.8 |