Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4855 | 1 D-link | 2 Dir-865l, Dir-865l Firmware | 2019-10-29 | 7.9 HIGH | 8.8 HIGH |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | |||||
| CVE-2013-4856 | 1 D-link | 2 Dir-865l, Dir-865l Firmware | 2019-10-29 | 2.9 LOW | 6.5 MEDIUM |
| D-Link DIR-865L has Information Disclosure. | |||||
| CVE-2013-4857 | 1 D-link | 2 Dir-865l, Dir-865l Firmware | 2019-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| D-Link DIR-865L has PHP File Inclusion in the router xml file. | |||||
| CVE-2018-6527 | 1 D-link | 6 Dir-860l, Dir-860l Firmware, Dir-865l and 3 more | 2018-03-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi. | |||||
| CVE-2018-6529 | 1 D-link | 6 Dir-860l, Dir-860l Firmware, Dir-865l and 3 more | 2018-03-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi. | |||||
| CVE-2018-6528 | 1 D-link | 6 Dir-860l, Dir-860l Firmware, Dir-865l and 3 more | 2018-03-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi. | |||||
| CVE-2018-6530 | 1 D-link | 8 Dir-860l, Dir-860l Firmware, Dir-865l and 5 more | 2018-03-27 | 10.0 HIGH | 9.8 CRITICAL |
| OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. | |||||