Vulnerabilities > Dlink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-31 | CVE-2021-43722 | Out-of-bounds Write vulnerability in Dlink Dir-645 Firmware 1.03 D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. | 7.5 |
| 2022-03-04 | CVE-2022-25106 | Out-of-bounds Write vulnerability in Dlink Dir-859 A3 Firmware and Dir-859 Firmware D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. | 7.1 |
| 2022-02-17 | CVE-2021-46314 | OS Command Injection vulnerability in Dlink Dir-846 Firmware 100A43/100A53Dla A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name. | 7.5 |
| 2022-02-09 | CVE-2021-41442 | HTTP Request Smuggling vulnerability in Dlink Dir-X1860 Firmware 1.03 An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | 7.5 |
| 2022-02-09 | CVE-2021-41441 | Improper Resource Shutdown or Release vulnerability in Dlink Dir-X1860 Firmware 1.03 A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. | 7.4 |
| 2022-02-04 | CVE-2021-45998 | Command Injection vulnerability in Dlink Dir-882 Firmware 1.10B04/1.30B06 D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. | 7.5 |
| 2022-02-04 | CVE-2021-46226 | Command Injection vulnerability in Dlink Di-7200Gv2 Firmware D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function wget_test.asp. | 7.5 |
| 2022-02-04 | CVE-2021-46227 | Command Injection vulnerability in Dlink Di-7200Gv2 Firmware D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function proxy_client.asp. | 7.5 |
| 2022-02-04 | CVE-2021-46228 | Command Injection vulnerability in Dlink Di-7200Gv2 Firmware D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function httpd_debug.asp. | 7.5 |
| 2022-02-04 | CVE-2021-46229 | Command Injection vulnerability in Dlink Di-7200Gv2 Firmware D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function usb_paswd.asp. | 7.5 |