Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-26 | CVE-2024-23624 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. | 9.8 |
| 2024-01-26 | CVE-2024-23625 | Command Injection vulnerability in Dlink Dap-1650 Firmware A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. | 9.8 |
| 2024-01-24 | CVE-2024-22751 | Out-of-bounds Write vulnerability in Dlink Dir-882 A1 Firmware 1.30B06 D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function. | 9.8 |
| 2024-01-24 | CVE-2024-22651 | Command Injection vulnerability in Dlink Dir-815 Firmware 1.0.1/1.01Ssb08.Bin/1.04 There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04. | 9.8 |
| 2024-01-21 | CVE-2024-0769 | Unspecified vulnerability in Dlink Dir-859 Firmware 1.06 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. | 9.8 |
| 2024-01-16 | CVE-2024-22916 | Out-of-bounds Write vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow. | 9.8 |
| 2024-01-11 | CVE-2023-51984 | OS Command Injection vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. | 9.8 |
| 2024-01-11 | CVE-2023-51987 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
| 2024-01-11 | CVE-2023-51989 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
| 2024-01-10 | CVE-2023-51123 | Unspecified vulnerability in Dlink Dir-815 Firmware 1.01Ssb08.Bin An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgi_main function of the cgibin binary component. | 9.8 |