Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-25 | CVE-2019-9123 | Weak Password Requirements vulnerability in Dlink Dir-825 Rev.B Firmware 2.10 An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. | 9.8 |
| 2019-02-11 | CVE-2019-7736 | Forced Browsing vulnerability in Dlink Dir-600M Firmware 3.04 D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page. | 9.8 |
| 2019-01-09 | CVE-2018-20675 | Improper Authentication vulnerability in Dlink products D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass. | 9.8 |
| 2019-01-02 | CVE-2018-20114 | OS Command Injection vulnerability in Dlink Dir-818Lw Firmware and Dir-860L Firmware On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. | 9.8 |
| 2018-12-25 | CVE-2018-20445 | Insufficiently Protected Credentials vulnerability in Dlink Dcm-604 Firmware and Dcm-704 Firmware D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.32 and iso.3.6.1.4.1.4413.2.2.2.1.5.4.2.4.1.2.32 SNMP requests. | 9.8 |
| 2018-12-21 | CVE-2018-18009 | Use of Hard-coded Credentials vulnerability in Dlink Dir-140L Firmware and Dir-640L Firmware dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-21 | CVE-2018-18008 | Use of Hard-coded Credentials vulnerability in Dlink products spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-21 | CVE-2018-18007 | Use of Hard-coded Credentials vulnerability in Dlink Dsl-2770L Firmware Me1.01/Me1.02/Me1.06 atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials. | 9.8 |
| 2018-12-18 | CVE-2018-17777 | Improper Authentication vulnerability in Dlink Dva-5592 Firmware A1Wi20180823 An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. | 9.8 |
| 2018-10-17 | CVE-2018-10824 | Insufficiently Protected Credentials vulnerability in Dlink products An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. | 9.8 |