Vulnerabilities > Dlink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-20132 | Use of Hard-coded Credentials vulnerability in Dlink Dir-2640-Us Firmware 1.01B04 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. | 8.3 |
| 2021-12-30 | CVE-2021-20133 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01B04 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of those files. | 7.1 |
| 2021-12-30 | CVE-2021-20134 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01B04 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set an arbitrary file on the router's filesystem as the log file used by either Quagga service (zebra or ripd). | 7.4 |
| 2021-12-01 | CVE-2021-33265 | Out-of-bounds Write vulnerability in Dlink Dir-809 Firmware 1.00 D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80046eb4 in /formSetPortTr. | 7.2 |
| 2021-11-04 | CVE-2020-25366 | Missing Authorization vulnerability in Dlink Dir-823G Firmware 1.02B05 An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors. | 8.5 |
| 2021-11-04 | CVE-2020-25368 | Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05 A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. | 7.5 |
| 2021-11-04 | CVE-2020-25367 | Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05 A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. | 7.5 |
| 2021-10-25 | CVE-2021-34861 | Stack-based Buffer Overflow vulnerability in Dlink Dap-2020 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. | 8.8 |
| 2021-10-25 | CVE-2021-34862 | Stack-based Buffer Overflow vulnerability in Dlink Dap-2020 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. | 8.8 |
| 2021-10-25 | CVE-2021-34863 | Stack-based Buffer Overflow vulnerability in Dlink Dap-2020 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. | 8.8 |