Vulnerabilities > Dlink > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2020-29322 | Insufficiently Protected Credentials vulnerability in Dlink Dir-880L Firmware 1.07 The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 5.0 |
| 2021-06-04 | CVE-2020-29323 | Insufficiently Protected Credentials vulnerability in Dlink Dir-885L-Mfc Firmware 1.15B02/1.21B05 The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 5.0 |
| 2021-06-04 | CVE-2020-29324 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dir-895L MFC Firmware 1.21B05 The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data. | 5.0 |
| 2021-05-17 | CVE-2021-27342 | Information Exposure Through Discrepancy vulnerability in Dlink Dir-842E Firmware An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack | 4.3 |
| 2021-04-26 | CVE-2021-20694 | Unspecified vulnerability in Dlink Dap-1880Ac Firmware 1.21 Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors. | 6.5 |
| 2021-04-14 | CVE-2021-27250 | External Control of File Name or Path vulnerability in Dlink Dap-2020 Firmware 1.01 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. | 6.5 |
| 2021-02-12 | CVE-2020-27862 | Command Injection vulnerability in Dlink Dsl-2888A Firmware and Dva-2800 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. | 5.8 |
| 2021-01-08 | CVE-2020-24577 | Cleartext Storage of Sensitive Information vulnerability in Dlink Dsl-2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 5.0 |
| 2020-12-22 | CVE-2020-24578 | Incorrect Permission Assignment for Critical Resource vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 6.5 |
| 2020-10-08 | CVE-2020-26567 | Missing Authentication for Critical Function vulnerability in Dlink Dsr-250N Firmware An issue was discovered on D-Link DSR-250N before 3.17B devices. | 5.5 |