Vulnerabilities > Dlink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-19742 | Cross-site Scripting vulnerability in Dlink Dir-615 Firmware 20.07 On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field. | 4.8 |
| 2019-12-16 | CVE-2019-19743 | Improper Input Validation vulnerability in Dlink Dir-615 T1 Firmware 20.07 On D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal. | 4.0 |
| 2019-10-25 | CVE-2013-4856 | Information Exposure vulnerability in Dlink Dir-865L Firmware D-Link DIR-865L has Information Disclosure. | 6.5 |
| 2019-10-16 | CVE-2019-17512 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 6.4 |
| 2019-10-14 | CVE-2019-17511 | Missing Authentication for Critical Function vulnerability in Dlink Dir-412 Firmware A11.14Ww There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. | 5.0 |
| 2019-10-11 | CVE-2019-17507 | Improper Input Validation vulnerability in Dlink Dir-816 A1 Firmware 1.06 An issue was discovered on D-Link DIR-816 A1 1.06 devices. | 5.0 |
| 2019-10-11 | CVE-2019-17505 | Missing Authentication for Critical Function vulnerability in Dlink Dap-1320 A2 Firmware 1.21 D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplink_info.xml. | 5.0 |
| 2019-10-09 | CVE-2019-17353 | Missing Authentication for Critical Function vulnerability in Dlink Dir-615 Firmware 20.05/20.07 An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. | 6.4 |
| 2019-08-08 | CVE-2019-14335 | Unspecified vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. | 4.9 |
| 2019-08-02 | CVE-2019-6969 | Cross-site Scripting vulnerability in Dlink Dva-5592 Firmware 20180823 The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use). | 5.0 |