Vulnerabilities > Dlink > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-12 | CVE-2020-27863 | Unspecified vulnerability in Dlink Dsl-2888A Firmware and Dva-2800 Firmware This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. low complexity dlink | 6.5 |
2020-12-22 | CVE-2020-24578 | Incorrect Permission Assignment for Critical Resource vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 6.5 |
2020-10-08 | CVE-2020-26567 | Missing Authentication for Critical Function vulnerability in Dlink Dsr-250N Firmware An issue was discovered on D-Link DSR-250N before 3.17B devices. | 5.5 |
2020-09-19 | CVE-2020-25786 | Cross-site Scripting vulnerability in Dlink products webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. | 6.1 |
2020-07-22 | CVE-2020-15895 | Cross-site Scripting vulnerability in Dlink Dir-816L Firmware 2.06/2.06.B09 An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. | 6.1 |
2020-07-22 | CVE-2020-12774 | OS Command Injection vulnerability in Dlink Dsl-7740C Firmware V6.Tr069.20180723 D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command. | 6.7 |
2020-05-18 | CVE-2020-13135 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dlink Dsp-W215 Firmware 1.26B03 D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy. | 6.5 |
2020-03-04 | CVE-2019-19222 | Cross-site Scripting vulnerability in Dlink Dsl-2680 Firmware 1.03 A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request. | 5.4 |
2020-02-07 | CVE-2013-3096 | Improper Authentication vulnerability in Dlink Dir865L Firmware 1.03 D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability. | 5.9 |
2020-02-04 | CVE-2013-7054 | Cross-site Scripting vulnerability in Dlink Dir-100 Firmware 4.03B07 D-Link DIR-100 4.03B07: cli.cgi XSS | 6.1 |