Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-23 | CVE-2021-39615 | Use of Hard-coded Credentials vulnerability in Dlink Dsr-500N Firmware 1.02 D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying embedded Linux operating system on the device. | 9.8 |
| 2021-08-06 | CVE-2021-37388 | Classic Buffer Overflow vulnerability in Dlink Dir-615 Firmware 3.03Ww A buffer overflow in D-Link DIR-615 C2 3.03WW. | 9.8 |
| 2021-07-16 | CVE-2021-21820 | Use of Hard-coded Credentials vulnerability in Dlink Dir-3040 Firmware 1.13B03 A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. | 9.8 |
| 2021-06-24 | CVE-2021-33346 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. | 9.8 |
| 2021-04-26 | CVE-2021-20697 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware 1.21 Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors. | 9.8 |
| 2021-04-14 | CVE-2021-27114 | Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05 An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2021-04-14 | CVE-2021-27113 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2021-04-02 | CVE-2020-27600 | OS Command Injection vulnerability in Dlink Dir-846 Firmware A1100.26 HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter. | 9.8 |
| 2021-04-02 | CVE-2021-30072 | Out-of-bounds Write vulnerability in Dlink Dir-878 Firmware An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. | 9.8 |
| 2021-03-30 | CVE-2021-26810 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. | 9.8 |