Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2023-26612 Classic Buffer Overflow vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
network
low complexity
dlink CWE-120
critical
 9.8
9.8
2023-06-29 CVE-2023-26613 OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-06-29 CVE-2023-26616 Classic Buffer Overflow vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo.
network
low complexity
dlink CWE-120
critical
 9.8
9.8
2023-06-28 CVE-2023-32222 Improper Authentication vulnerability in Dlink Dsl-G256Dg Firmware Bz1.00.27
D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method.
network
low complexity
dlink CWE-287
critical
 9.8
9.8
2023-06-28 CVE-2023-32224 Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dsl-224 Firmware 3.0.10
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts
network
low complexity
dlink CWE-307
critical
 9.8
9.8
2023-06-15 CVE-2023-34800 OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2023-06-12 CVE-2023-33625 Command Injection vulnerability in Dlink Dir-600 Firmware 2.18
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2023-06-12 CVE-2023-33626 Out-of-bounds Write vulnerability in Dlink Dir-600 Firmware 2.18
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2023-05-31 CVE-2023-33735 Unspecified vulnerability in Dlink Dir-846 Firmware 100A52
D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.
network
low complexity
dlink
critical
 9.8
9.8
2023-05-23 CVE-2023-31814 Unspecified vulnerability in Dlink Dir-300 Firmware 1.06B05Ww
D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.
network
low complexity
dlink
critical
 9.8
9.8