Vulnerabilities > Dlink > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-13784 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Dlink Dir-865L Firmware 1.20B01 D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. | 7.5 |
| 2020-06-03 | CVE-2020-13783 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dir-865L Firmware 1.20B01 D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. | 7.5 |
| 2020-06-03 | CVE-2020-13782 | OS Command Injection vulnerability in Dlink Dir-865L Firmware 1.20B01 D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection. | 8.8 |
| 2020-05-18 | CVE-2020-13136 | Unspecified vulnerability in Dlink Dsp-W215 Firmware 1.26B03 D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer. | 7.5 |
| 2020-04-21 | CVE-2019-17525 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-615 Firmware 20.10 The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. | 8.8 |
| 2020-04-20 | CVE-2020-9276 | Out-of-bounds Write vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 8.8 |
| 2020-04-10 | CVE-2020-6765 | OS Command Injection vulnerability in Dlink Dsl-Gs225 Firmware Au1.0.4 D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. | 7.2 |
| 2020-03-23 | CVE-2020-8864 | Incorrect Comparison vulnerability in Dlink products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. | 8.8 |
| 2020-03-23 | CVE-2020-8863 | Improper Authentication vulnerability in Dlink products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. | 8.8 |
| 2020-03-19 | CVE-2019-15656 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware and Dsl-2877Al Firmware D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | 7.5 |