Vulnerabilities > Dlink > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-01 CVE-2023-4711 OS Command Injection vulnerability in Dlink Dar-8000-10 Firmware 20230809/20230819
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819.
network
high complexity
dlink CWE-78
8.1
8.1
2023-08-18 CVE-2023-39669 NULL Pointer Dereference vulnerability in Dlink Dir-880L A1 Firmware 107Wwb08
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.
network
low complexity
dlink CWE-476
7.5
7.5
2023-07-18 CVE-2023-37758 Classic Buffer Overflow vulnerability in Dlink Dir-815 Firmware 1.0.1
D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.
network
low complexity
dlink CWE-120
7.5
7.5
2023-06-28 CVE-2023-32223 Unspecified vulnerability in Dlink Dsl-224 Firmware 3.0.10
D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an unspecified method.
network
low complexity
dlink
8.8
8.8
2023-06-28 CVE-2023-26615 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Dlink Dir-823G Firmware 1.02B05
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password.
network
low complexity
dlink CWE-640
7.5
7.5
2023-06-07 CVE-2023-33781 Unspecified vulnerability in Dlink Dir-842V2 Firmware 1.0.3
An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file.
network
low complexity
dlink
8.8
8.8
2023-06-07 CVE-2023-33782 Command Injection vulnerability in Dlink Dir-842V2 Firmware 1.0.3
D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function.
network
low complexity
dlink CWE-77
8.8
8.8
2023-05-01 CVE-2023-30061 Improper Authentication vulnerability in Dlink Dir-879 Firmware 1.10
D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.
network
low complexity
dlink CWE-287
7.5
7.5
2023-05-01 CVE-2023-30063 Improper Authentication vulnerability in Dlink Dir-890L Firmware 1.05
D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.
network
low complexity
dlink CWE-287
7.5
7.5
2023-04-16 CVE-2022-40946 Unspecified vulnerability in Dlink Dir-819 Firmware 1.06
On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request.
network
low complexity
dlink
7.5
7.5