Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-37125 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. | 9.8 |
| 2022-08-31 | CVE-2022-37128 | Improper Initialization vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end. | 9.8 |
| 2022-08-28 | CVE-2022-37055 | Classic Buffer Overflow vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main, | 9.8 |
| 2022-08-28 | CVE-2022-37056 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main, | 9.8 |
| 2022-08-28 | CVE-2022-36755 | Improper Authentication vulnerability in Dlink Dir-845L Firmware D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | 9.8 |
| 2022-08-28 | CVE-2022-36756 | Code Injection vulnerability in Dlink Dir-845L Firmware DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | 9.8 |
| 2022-08-28 | CVE-2022-37057 | OS Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware Reva1.01B03/Revb2.00B02 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. | 9.8 |
| 2022-08-28 | CVE-2022-38557 | Improper Authentication vulnerability in Dlink Dir-845L Firmware D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | 9.8 |
| 2022-08-23 | CVE-2021-42627 | Unspecified vulnerability in Dlink products The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. | 9.8 |
| 2022-08-22 | CVE-2022-37134 | Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. | 9.8 |