Vulnerabilities > Dlink > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-03 CVE-2020-13787 Cleartext Transmission of Sensitive Information vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information.
network
low complexity
dlink CWE-319
7.5
7.5
2020-06-03 CVE-2020-13786 Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF.
network
low complexity
dlink CWE-352
8.8
8.8
2020-06-03 CVE-2020-13785 Inadequate Encryption Strength vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
network
low complexity
dlink CWE-326
7.5
7.5
2020-06-03 CVE-2020-13784 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
network
low complexity
dlink CWE-335
7.5
7.5
2020-06-03 CVE-2020-13783 Cleartext Storage of Sensitive Information vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.
network
low complexity
dlink CWE-312
7.5
7.5
2020-06-03 CVE-2020-13782 OS Command Injection vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection.
network
low complexity
dlink CWE-78
8.8
8.8
2020-05-18 CVE-2020-13136 Unspecified vulnerability in Dlink Dsp-W215 Firmware 1.26B03
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer.
network
low complexity
dlink
7.5
7.5
2020-04-21 CVE-2019-17525 Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-615 Firmware 20.10
The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.
network
low complexity
dlink CWE-307
8.8
8.8
2020-04-20 CVE-2020-9276 Out-of-bounds Write vulnerability in Dlink Dsl-2640B Firmware Eu4.01B
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices.
network
low complexity
dlink CWE-787
8.8
8.8
2020-04-10 CVE-2020-6765 OS Command Injection vulnerability in Dlink Dsl-Gs225 Firmware Au1.0.4
D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd.
network
low complexity
dlink CWE-78
7.2
7.2