Vulnerabilities > Dlink > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-39509 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb05R1B011D88210 An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function. | 9.8 |
2021-08-24 | CVE-2021-39510 | Command Injection vulnerability in Dlink Dir-816 Firmware 101Cnb04 An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router, The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function. | 9.8 |
2021-08-23 | CVE-2021-39613 | Use of Hard-coded Credentials vulnerability in Dlink Dvg-3104Ms Firmware 1.0.2.0.3/1.0.2.0.4/1.0.2.0.4E D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |
2021-08-23 | CVE-2021-39614 | Use of Hard-coded Credentials vulnerability in Dlink Dvx-2000Ms Firmware D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |
2021-08-23 | CVE-2021-39615 | Use of Hard-coded Credentials vulnerability in Dlink Dsr-500N Firmware 1.02 D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying embedded Linux operating system on the device. | 9.8 |
2021-08-06 | CVE-2021-37388 | Classic Buffer Overflow vulnerability in Dlink Dir-615 Firmware 3.03Ww A buffer overflow in D-Link DIR-615 C2 3.03WW. | 9.8 |
2021-07-16 | CVE-2021-21820 | Use of Hard-coded Credentials vulnerability in Dlink Dir-3040 Firmware 1.13B03 A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. | 9.8 |
2021-06-24 | CVE-2021-33346 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. | 9.8 |
2021-04-26 | CVE-2021-20697 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware 1.21 Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors. | 9.8 |
2021-04-14 | CVE-2021-27114 | Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05 An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |