Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2020-18568 | OS Command Injection vulnerability in Dlink Dsr-1000N Firmware and Dsr-250 Firmware The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution. | 9.8 |
| 2021-02-02 | CVE-2020-25506 | OS Command Injection vulnerability in Dlink Dns-320 Firmware 2.06B01 D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. | 9.8 |
| 2021-01-29 | CVE-2020-29557 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Dir-825 R1 Firmware 3.0.1 An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. | 9.8 |
| 2020-12-30 | CVE-2019-12768 | Forced Browsing vulnerability in Dlink Dap-1650 Firmware An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. | 9.8 |
| 2020-09-14 | CVE-2018-20432 | Use of Hard-coded Credentials vulnerability in Dlink Covr-2600R Firmware and Covr-3902 Firmware D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration. | 9.8 |
| 2020-07-22 | CVE-2020-15893 | OS Command Injection vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09 An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. | 9.8 |
| 2020-07-22 | CVE-2020-15892 | Incorrect Resource Transfer Between Spheres vulnerability in Dlink Dap-1520 Firmware 1.0.8/1.10B04 An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. | 9.8 |
| 2020-05-15 | CVE-2019-18666 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1360 Revision F Firmware 6.12B01 An issue was discovered on D-Link DAP-1360 revision F devices. | 9.8 |
| 2020-04-20 | CVE-2020-9279 | Use of Hard-coded Credentials vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-20 | CVE-2020-9278 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.1 |