Vulnerabilities > Dlink > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-14 CVE-2021-27113 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2021-04-02 CVE-2020-27600 OS Command Injection vulnerability in Dlink Dir-846 Firmware A1100.26
HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2021-04-02 CVE-2021-30072 Out-of-bounds Write vulnerability in Dlink Dir-878 Firmware
An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices.
network
low complexity
dlink CWE-787
critical
 9.8
9.8
2021-03-30 CVE-2021-26810 OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2021-02-02 CVE-2020-18568 OS Command Injection vulnerability in Dlink Dsr-1000N Firmware and Dsr-250 Firmware
The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2021-02-02 CVE-2020-25506 OS Command Injection vulnerability in Dlink Dns-320 Firmware 2.06B01
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.
network
low complexity
dlink CWE-78
critical
 9.8
9.8
2021-01-29 CVE-2020-29557 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Dir-825 R1 Firmware 3.0.1
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20.
network
low complexity
dlink CWE-119
critical
 9.8
9.8
2020-12-30 CVE-2019-12768 Forced Browsing vulnerability in Dlink Dap-1650 Firmware
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix.
network
low complexity
dlink CWE-425
critical
 9.8
9.8
2020-09-14 CVE-2018-20432 Use of Hard-coded Credentials vulnerability in Dlink Covr-2600R Firmware and Covr-3902 Firmware
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.
network
low complexity
dlink CWE-798
critical
 9.8
9.8
2020-07-22 CVE-2020-15893 OS Command Injection vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02.
network
low complexity
dlink CWE-78
critical
 9.8
9.8