Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2021-46315 OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla
Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-02-17 CVE-2021-46319 OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla
Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-02-17 CVE-2021-45382 OS Command Injection vulnerability in Dlink products
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-02-17 CVE-2021-46314 OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2022-02-04 CVE-2021-44880 Command Injection vulnerability in Dlink Dir-878 Firmware and Dir-882 Firmware
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-02-04 CVE-2021-44881 Command Injection vulnerability in Dlink Dir-882 Firmware
D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-02-04 CVE-2021-44882 Command Injection vulnerability in Dlink Dir-878 Firmware
D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-02-04 CVE-2021-45998 Command Injection vulnerability in Dlink Dir-882 Firmware
D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-02-04 CVE-2021-46226 Command Injection vulnerability in Dlink Di-7200Gv2 Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function wget_test.asp.
network
low complexity
dlink CWE-77
critical
 9.8
9.8
2022-02-04 CVE-2021-46227 Command Injection vulnerability in Dlink Di-7200Gv2 Firmware 21.04.09E1
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function proxy_client.asp.
network
low complexity
dlink CWE-77
critical
 9.8
9.8