Vulnerabilities > Dlink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2021-20697 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1880Ac Firmware Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors. | 7.5 |
| 2021-04-14 | CVE-2021-27249 | OS Command Injection vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 8.8 |
| 2021-04-14 | CVE-2021-27248 | Stack-based Buffer Overflow vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 8.8 |
| 2021-04-12 | CVE-2021-29379 | OS Command Injection vulnerability in Dlink Dir-802 Firmware 1.00B05 An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. | 8.8 |
| 2021-04-02 | CVE-2021-30072 | Out-of-bounds Write vulnerability in Dlink Dir-878 Firmware An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. | 7.5 |
| 2021-03-11 | CVE-2021-28143 | Command Injection vulnerability in Dlink Dir-841 Firmware 3.03/3.04 /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). | 7.7 |
| 2021-02-12 | CVE-2020-27865 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Dlink Dap-1860 Firmware 1.01B06/1.02B01/1.04B01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. | 8.3 |
| 2021-02-12 | CVE-2020-27864 | Command Injection vulnerability in Dlink Dap-1860 Firmware 1.01B06/1.02B01/1.04B01 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. | 8.3 |
| 2021-02-02 | CVE-2020-18568 | Command Injection vulnerability in Dlink Dsr-1000N Firmware and Dsr-250 Firmware The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which can cause remote command execution. | 7.5 |
| 2021-02-02 | CVE-2020-25506 | Command Injection vulnerability in Dlink Dns-320 Firmware 2.06B01 D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. | 7.5 |