Vulnerabilities > Dlink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-04 | CVE-2021-46353 | Information Exposure Through an Error Message vulnerability in Dlink Dir-X1860 Firmware 1.03 An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. | 5.3 |
| 2022-03-04 | CVE-2022-25106 | Out-of-bounds Write vulnerability in Dlink Dir-859 A3 Firmware and Dir-859 Firmware D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. | 5.5 |
| 2022-03-04 | CVE-2021-46379 | Open Redirect vulnerability in Dlink Dir-850L Firmware 1.08Trb03 DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | 6.1 |
| 2022-02-18 | CVE-2021-46108 | Cross-site Scripting vulnerability in Dlink Dsl-2730E Firmware Ct20131125 D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. | 5.4 |
| 2022-02-10 | CVE-2021-41445 | Cross-site Scripting vulnerability in Dlink Dir-X1860 Firmware 1.03 A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim. | 6.1 |
| 2021-12-30 | CVE-2021-20133 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of those files. | 6.1 |
| 2021-10-25 | CVE-2021-34860 | Unspecified vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. low complexity dlink | 6.5 |
| 2021-09-24 | CVE-2021-40654 | Incorrect Authorization vulnerability in Dlink Dir-615 Firmware 17.00 An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. | 6.5 |
| 2021-09-09 | CVE-2021-40284 | Classic Buffer Overflow vulnerability in Dlink Dsl-3782 Firmware Eu1.01/Eu1.03 D-Link DSL-3782 EU v1.01:EU v1.03 is affected by a buffer overflow which can cause a denial of service. | 6.5 |
| 2021-08-16 | CVE-2021-3707 | Unspecified vulnerability in Dlink Dsl-2750U Firmware 1.11 D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. | 5.5 |