Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-16 | CVE-2021-21820 | Use of Hard-coded Credentials vulnerability in Dlink Dir-3040 Firmware 1.13B03 A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. | 9.8 |
| 2021-06-24 | CVE-2021-33346 | Missing Authentication for Critical Function vulnerability in Dlink Dsl-2888A Firmware There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. | 9.8 |
| 2021-04-26 | CVE-2021-20697 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware 1.21 Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors. | 9.8 |
| 2021-04-14 | CVE-2021-27114 | Out-of-bounds Write vulnerability in Dlink Dir-816 Firmware 1.10B05 An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2021-04-14 | CVE-2021-27113 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. | 9.8 |
| 2021-04-02 | CVE-2020-27600 | OS Command Injection vulnerability in Dlink Dir-846 Firmware A1100.26 HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter. | 9.8 |
| 2021-04-02 | CVE-2021-30072 | Out-of-bounds Write vulnerability in Dlink Dir-878 Firmware An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. | 9.8 |
| 2021-03-30 | CVE-2021-26810 | OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. | 9.8 |
| 2021-02-02 | CVE-2020-18568 | OS Command Injection vulnerability in Dlink Dsr-1000N Firmware and Dsr-250 Firmware The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution. | 9.8 |
| 2021-02-02 | CVE-2020-25506 | OS Command Injection vulnerability in Dlink Dns-320 Firmware 2.06B01 D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. | 9.8 |