Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-08-15 CVE-2022-36523 Command Injection vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03/200B02
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-08-15 CVE-2022-36525 Classic Buffer Overflow vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03/200B02
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main.
network
low complexity
dlink CWE-120
critical
 9.8
9.8
2022-08-03 CVE-2022-34974 Command Injection vulnerability in Dlink Dir820La1 Firmware 102B22
D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-08-03 CVE-2022-35619 Unspecified vulnerability in Dlink Dir-818L Firmware 105B01
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main.
network
low complexity
dlink
critical
 9.8
9.8
2022-08-03 CVE-2022-35620 Unspecified vulnerability in Dlink Dir-818L Firmware 105B01
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main.
network
low complexity
dlink
critical
 9.8
9.8
2022-06-27 CVE-2022-32092 OS Command Injection vulnerability in Dlink Dir-645 Firmware 1.03
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-06-02 CVE-2022-30521 Out-of-bounds Write vulnerability in Dlink Dir-890L Firmware 1.05/1.07B09
The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2022-05-23 CVE-2022-28932 Incorrect Default Permissions vulnerability in Dlink Dsl-G2452Dg Firmware
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
network
low complexity
dlink CWE-276
critical
 9.8
9.8
2022-05-18 CVE-2022-28956 Unspecified vulnerability in Dlink Dir-816L Firmware 206B01
An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload.
network
low complexity
dlink
critical
 9.8
9.8
2022-05-10 CVE-2022-28895 OS Command Injection vulnerability in Dlink Dir-882 Firmware 1.30B06
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
network
low complexity
dlink CWE-78
critical
 9.8
9.8