Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dlink Subscribe
Total 448 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43109 1 Dlink 2 Dir-823g, Dir-823g Firmware 2022-11-04 N/A 9.8 CRITICAL
D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.
CVE-2020-21016 1 Dlink 2 Dir-846, Dir-846 Firmware 2022-11-01 N/A 9.8 CRITICAL
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
CVE-2022-43003 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 9.8 CRITICAL
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.
CVE-2022-43002 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 9.8 CRITICAL
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.
CVE-2022-43001 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 9.8 CRITICAL
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function.
CVE-2022-43000 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 9.8 CRITICAL
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4.
CVE-2022-42999 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 7.5 HIGH
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.
CVE-2022-42998 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-10-28 N/A 9.8 CRITICAL
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.
CVE-2021-3707 1 Dlink 2 Dsl-2750u, Dsl-2750u Firmware 2022-10-25 2.1 LOW 5.5 MEDIUM
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
CVE-2016-20017 1 Dlink 2 Dsl-2750b, Dsl-2750b Firmware 2022-10-21 N/A 9.8 CRITICAL
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.
CVE-2022-43184 1 Dlink 2 Dir-878, Dir-878 Firmware 2022-10-20 N/A 9.8 CRITICAL
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.
CVE-2022-42156 1 Dlink 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more 2022-10-18 N/A 8.8 HIGH
D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.
CVE-2022-42159 1 Dlink 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more 2022-10-18 N/A 4.3 MEDIUM
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator.
CVE-2022-42160 1 Dlink 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more 2022-10-18 N/A 8.8 HIGH
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.
CVE-2022-42161 1 Dlink 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more 2022-10-18 N/A 8.8 HIGH
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.
CVE-2022-31414 1 Dlink 2 Dir-1960, Dir-1960 Firmware 2022-09-12 N/A 7.5 HIGH
D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVE-2021-46378 1 Dlink 2 Dir-850l, Dir-850l Firmware 2022-09-09 5.0 MEDIUM 7.5 HIGH
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.
CVE-2021-46379 1 Dlink 2 Dir-850l, Dir-850l Firmware 2022-09-09 5.8 MEDIUM 6.1 MEDIUM
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site.
CVE-2022-36588 1 Dlink 2 Dap-1650, Dap-1650 Firmware 2022-09-09 N/A 9.8 CRITICAL
In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVE-2022-37125 1 Dlink 2 Dir-816, Dir-816 Firmware 2022-09-09 N/A 9.8 CRITICAL
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.