Vulnerabilities > Dlink > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-19 CVE-2021-3182 Out-of-bounds Write vulnerability in Dlink Dcs-5220 Firmware
D-Link DCS-5220 devices have a buffer overflow.
low complexity
dlink CWE-787
8.0
8.0
2020-12-30 CVE-2019-12768 Improper Authentication vulnerability in Dlink Dap-1650 Firmware
An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix.
network
low complexity
dlink CWE-287
7.5
7.5
2020-12-22 CVE-2020-24581 OS Command Injection vulnerability in Dlink Dsl2888A Firmware
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.
low complexity
dlink CWE-78
8.0
8.0
2020-12-22 CVE-2020-24580 Missing Authentication for Critical Function vulnerability in Dlink Dsl2888A Firmware
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.
high complexity
dlink CWE-306
7.5
7.5
2020-12-22 CVE-2020-24579 Improper Authentication vulnerability in Dlink Dsl2888A Firmware
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.
low complexity
dlink CWE-287
8.8
8.8
2020-12-15 CVE-2020-25757 Improper Input Validation vulnerability in Dlink products
A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges.
low complexity
dlink CWE-20
8.3
8.3
2020-09-02 CVE-2020-25078 Unspecified vulnerability in Dlink Dcs-2530L Firmware and Dcs-2670L Firmware
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices.
network
low complexity
dlink
7.5
7.5
2020-07-22 CVE-2020-15894 Missing Authentication for Critical Function vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02.
network
low complexity
dlink CWE-306
7.5
7.5
2020-07-09 CVE-2020-9377 OS Command Injection vulnerability in Dlink Dir-610 Firmware
D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php.
network
low complexity
dlink CWE-78
8.8
8.8
2020-07-09 CVE-2020-9376 Injection vulnerability in Dlink Dir-610 Firmware
D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
network
low complexity
dlink CWE-74
7.5
7.5