Filtered by vendor Dlink
Subscriptions
Total
1045 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-28729 | 2 D-link, Dlink | 3 Dwr-2000m Firmware, Dwr-2000m, Dwr-2000m Firmware | 2024-11-22 | 7.8 High |
An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted request. | ||||
CVE-2024-52711 | 1 Dlink | 1 Di-8100 Firmware | 2024-11-22 | 5.7 Medium |
DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. | ||||
CVE-2024-52759 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-22 | 3.5 Low |
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. | ||||
CVE-2024-52757 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-22 | 3.5 Low |
D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arp_sys_asp function. | ||||
CVE-2024-52755 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-22 | 3.5 Low |
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the host_ip parameter in the ipsec_road_asp function. | ||||
CVE-2024-52754 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-22 | 3.5 Low |
D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. | ||||
CVE-2024-51151 | 1 Dlink | 2 Di-8200, Di-8200 Firmware | 2024-11-22 | 8 High |
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter. | ||||
CVE-2024-28730 | 2 D-link, Dlink | 3 Dwr-2000m Firmware, Dwr-2000m, Dwr-2000m Firmware | 2024-11-22 | 4.6 Medium |
Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the file upload feature of the VPN configuration module. | ||||
CVE-2024-6525 | 1 Dlink | 2 Dar-7000, Dar-7000 Firmware | 2024-11-21 | 2.7 Low |
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270368. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
CVE-2024-6045 | 1 Dlink | 15 E15 Firmware, E30 Firmware, G403 Firmware and 12 more | 2024-11-21 | 8.8 High |
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware. | ||||
CVE-2024-40505 | 1 Dlink | 1 Dap-1650 Firmware | 2024-11-21 | 9.3 Critical |
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. | ||||
CVE-2024-39962 | 1 Dlink | 1 Dir 823x Ax3000 Dual Band Gigabit Wirless Router | 2024-11-21 | 9.8 Critical |
D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. This vulnerability is exploited via a crafted HTTP request. | ||||
CVE-2024-39202 | 1 Dlink | 3 Dir-823x Ax3000, Dir-823x Ax3000 Firmware, Dir-823x Firmware | 2024-11-21 | 7.6 High |
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. | ||||
CVE-2024-38438 | 1 Dlink | 2 Dsl-225, Dsl-225 Firmware | 2024-11-21 | 9.8 Critical |
D-Link - CWE-294: Authentication Bypass by Capture-replay | ||||
CVE-2024-38437 | 1 Dlink | 2 Dsl-225, Dsl-225 Firmware | 2024-11-21 | 9.8 Critical |
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel | ||||
CVE-2024-33343 | 1 Dlink | 1 Dir-822 Firmware | 2024-11-21 | 8.8 High |
D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. | ||||
CVE-2024-27662 | 1 Dlink | 1 Dir-823 Firmware | 2024-11-21 | 6.5 Medium |
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
CVE-2024-27661 | 1 Dlink | 1 Dir-823 Firmware | 2024-11-21 | 6.5 Medium |
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
CVE-2024-27660 | 1 Dlink | 1 Dir-823g Firmware | 2024-11-21 | 6.5 Medium |
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
CVE-2024-27659 | 1 Dlink | 1 Dir-823 Firmware | 2024-11-21 | 6.5 Medium |
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. |