Vulnerabilities > Dlink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-16 | CVE-2021-21816 | Information Exposure vulnerability in Dlink Dir-3040 Firmware 1.13B03 An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. | 4.3 |
| 2021-06-16 | CVE-2021-34204 | Insufficiently Protected Credentials vulnerability in Dlink Dir-2640-Us Firmware 1.01B04 D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. | 6.8 |
| 2021-05-17 | CVE-2021-27342 | Information Exposure Through Discrepancy vulnerability in Dlink Dir-842E Firmware 3.0.2 An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack | 5.9 |
| 2021-04-14 | CVE-2021-27250 | Unspecified vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. low complexity dlink | 6.5 |
| 2021-02-12 | CVE-2020-27863 | Unspecified vulnerability in Dlink Dsl-2888A Firmware and Dva-2800 Firmware This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. low complexity dlink | 6.5 |
| 2020-12-22 | CVE-2020-24578 | Incorrect Permission Assignment for Critical Resource vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 6.5 |
| 2020-10-08 | CVE-2020-26567 | Missing Authentication for Critical Function vulnerability in Dlink Dsr-250N Firmware An issue was discovered on D-Link DSR-250N before 3.17B devices. | 5.5 |
| 2020-09-19 | CVE-2020-25786 | Cross-site Scripting vulnerability in Dlink products webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. | 6.1 |
| 2020-07-22 | CVE-2020-15895 | Cross-site Scripting vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09 An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. | 6.1 |
| 2020-07-22 | CVE-2020-12774 | OS Command Injection vulnerability in Dlink Dsl-7740C Firmware V6.Tr069.20180723 D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command. | 6.7 |