Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dlink Subscribe
Filtered by product Dir-880l
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17621 1 Dlink 28 Dir-818lx, Dir-818lx Firmware, Dir-822 and 25 more 2023-01-20 10.0 HIGH 9.8 CRITICAL
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
CVE-2020-29322 1 Dlink 2 Dir-880l, Dir-880l Firmware 2022-07-12 5.0 MEDIUM 7.5 HIGH
The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data.
CVE-2019-20213 1 Dlink 28 Dir-818lx, Dir-818lx Firmware, Dir-822 and 25 more 2021-07-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
CVE-2017-14948 1 Dlink 12 Dir-868l, Dir-868l Firmware, Dir-880l and 9 more 2021-04-23 7.5 HIGH 9.8 CRITICAL
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.
CVE-2018-20675 1 Dlink 8 Dir-822, Dir-822-us, Dir-822-us Firmware and 5 more 2021-04-23 7.5 HIGH 9.8 CRITICAL
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.
CVE-2016-6563 1 Dlink 18 Dir-818l\(w\), Dir-818l\(w\) Firmware, Dir-822 and 15 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
CVE-2018-20674 1 Dlink 8 Dir-822, Dir-822-us, Dir-822-us Firmware and 5 more 2019-10-02 6.5 MEDIUM 8.8 HIGH
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution.