Vulnerabilities > Dlink > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-30 | CVE-2016-10180 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Dlink Dwr-932B Firmware 02.02Eu An issue was discovered on the D-Link DWR-932B router. | 7.5 |
2017-01-09 | CVE-2016-10125 | Use of Hard-coded Credentials vulnerability in Dlink Dgs-1100 Firmware 1.01.018 D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. | 8.1 |
2013-11-22 | CVE-2013-5998 | Denial of Service vulnerability in Dlink Des-3800 and Des-3800 Firmware Unspecified vulnerability in the Web manager implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote attackers to cause a denial of service (device hang) via unknown vectors, a different vulnerability than CVE-2013-5997. | 7.8 |
2013-11-19 | CVE-2013-2271 | Permissions, Privileges, and Access Controls vulnerability in Dlink Dsl-2740B and Dsl-2740B Firmware The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi. | 7.6 |
2011-11-22 | CVE-2011-4507 | Cryptographic Issues vulnerability in Dlink Dir-685 The D-Link DIR-685 router, when certain WPA and WPA2 configurations are used, does not maintain an encrypted wireless network during transfer of a large amount of network traffic, which allows remote attackers to obtain sensitive information or bypass authentication via a Wi-Fi device. | 7.5 |
2005-05-26 | CVE-2005-1828 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dsl-504T Firmware D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | 7.5 |
2002-12-31 | CVE-2002-1810 | Missing Authentication for Critical Function vulnerability in Dlink Dwl-900Ap+ Firmware 2.1/2.2 D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. | 7.5 |