Vulnerabilities > Dlink > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-16 CVE-2019-19743 Unspecified vulnerability in Dlink Dir-615 T1 Firmware 20.07
On D-Link DIR-615 devices, a normal user is able to create a root(admin) user from the D-Link portal.
network
low complexity
dlink
6.5
6.5
2019-10-25 CVE-2013-4856 Information Exposure vulnerability in Dlink Dir-865L Firmware
D-Link DIR-865L has Information Disclosure.
low complexity
dlink CWE-200
6.5
6.5
2019-08-08 CVE-2019-14335 Unspecified vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices.
local
low complexity
dlink
5.5
5.5
2019-08-02 CVE-2019-6968 Cross-site Scripting vulnerability in Dlink Dva-5592 Firmware 20180823
The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.
network
low complexity
dlink CWE-79
6.1
6.1
2019-08-01 CVE-2019-14338 Cross-site Scripting vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices.
network
low complexity
dlink CWE-79
6.1
6.1
2019-08-01 CVE-2019-14337 OS Command Injection vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices.
local
low complexity
dlink CWE-78
5.5
5.5
2019-08-01 CVE-2019-14336 Unspecified vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices.
local
low complexity
dlink
5.5
5.5
2019-08-01 CVE-2019-14334 Improper Certificate Validation vulnerability in Dlink products
An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices.
local
low complexity
dlink CWE-295
5.5
5.5
2019-08-01 CVE-2019-14333 Unspecified vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices.
local
low complexity
dlink
5.5
5.5
2019-07-11 CVE-2019-13562 Cross-site Scripting vulnerability in Dlink Dir-655 Firmware 3.02B05
D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter.
network
low complexity
dlink CWE-79
6.1
6.1