Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dlink Subscribe
Total 448 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36526 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2022-08-18 N/A 7.5 HIGH
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin.
CVE-2022-36525 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2022-08-18 N/A 9.8 CRITICAL
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main.
CVE-2022-35619 1 Dlink 2 Dir-818l, Dir-818l Firmware 2022-08-10 N/A 9.8 CRITICAL
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main.
CVE-2022-34974 1 Dlink 2 Dir820la1, Dir820la1 Firmware 2022-08-10 N/A 9.8 CRITICAL
D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function.
CVE-2022-35620 1 Dlink 2 Dir-818l, Dir-818l Firmware 2022-08-10 N/A 9.8 CRITICAL
D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main.
CVE-2022-34973 1 Dlink 2 Dir820la1, Dir820la1 Firmware 2022-08-10 N/A 7.5 HIGH
D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp.
CVE-2022-34527 1 Dlink 2 Dsl-3782, Dsl-3782 Firmware 2022-08-05 N/A 8.8 HIGH
D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160.
CVE-2022-34528 1 Dlink 2 Dsl-3782, Dsl-3782 Firmware 2022-08-05 N/A 8.8 HIGH
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.
CVE-2021-21820 1 Dlink 2 Dir-3040, Dir-3040 Firmware 2022-07-29 7.5 HIGH 9.8 CRITICAL
A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2021-21819 1 Dlink 2 Dir-3040, Dir-3040 Firmware 2022-07-29 9.0 HIGH 7.2 HIGH
A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2021-21818 1 Dlink 2 Dir-3040, Dir-3040 Firmware 2022-07-29 5.0 MEDIUM 7.5 HIGH
A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2021-21817 1 Dlink 2 Dir-3040, Dir-3040 Firmware 2022-07-29 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2021-21913 1 Dlink 2 Dir-3040, Dir-3040 Firmware 2022-07-21 7.5 HIGH 9.8 CRITICAL
An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.
CVE-2021-34203 1 Dlink 2 Dir-2640-us, Dir-2640-us Firmware 2022-07-12 4.8 MEDIUM 8.1 HIGH
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a backdoor, because the interface should not be exposed.
CVE-2021-41504 1 Dlink 4 Dcs-5000l, Dcs-5000l Firmware, Dcs-932l and 1 more 2022-07-12 5.2 MEDIUM 8.0 HIGH
** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2020-29322 1 Dlink 2 Dir-880l, Dir-880l Firmware 2022-07-12 5.0 MEDIUM 7.5 HIGH
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
CVE-2021-20694 1 Dlink 2 Dap-1880ac, Dap-1880ac Firmware 2022-07-12 6.5 MEDIUM 8.8 HIGH
Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors.
CVE-2020-29321 1 Dlink 2 Dir-868l, Dir-868l Firmware 2022-07-12 5.0 MEDIUM 7.5 HIGH
The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
CVE-2021-44880 1 Dlink 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more 2022-07-12 10.0 HIGH 9.8 CRITICAL
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.
CVE-2020-29323 1 Dlink 2 Dir-885l-mfc, Dir-885l-mfc Firmware 2022-07-12 5.0 MEDIUM 7.5 HIGH
The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.