ReportizFlow
Filtered by vendor D-link
Subscriptions
Total
305 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5536 | 1 D-link | 1 Dsl-g624t | 2025-04-09 | N/A |
| Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter. | ||||
| CVE-2008-4771 | 3 4xem, D-link, Vivotek | 3 Vatctrl Class, Mpeg4 Shm Audio Control, Rtsp Mpeg4 Sp Control | 2025-04-09 | N/A |
| Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5537 | 1 D-link | 1 Dsl-g624t | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters. | ||||
| CVE-2007-1435 | 1 D-link | 1 Tftp Server | 2025-04-09 | N/A |
| Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6055 | 1 D-link | 1 Dwl-g132 | 2025-04-09 | N/A |
| Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). | ||||
| CVE-2009-3347 | 1 D-link | 1 Dir-400 | 2025-04-09 | N/A |
| Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2006-5538 | 1 D-link | 1 Dsl-g624t | 2025-04-09 | N/A |
| D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. | ||||
| CVE-2008-1253 | 1 D-link | 1 Dsl-g604t | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page. | ||||
| CVE-2002-1865 | 2 D-link, Linksys | 4 Di-804, Dl-704, Befw11s4 and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. | ||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2025-04-03 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | ||||
| CVE-2004-0661 | 1 D-link | 3 Di-604, Di-614\+, Di-624 | 2025-04-03 | N/A |
| Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years. | ||||
| CVE-2001-1221 | 1 D-link | 1 Dwl-1000ap | 2025-04-03 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. | ||||
| CVE-2004-0615 | 2 D-link, Dlink | 3 Di-614\+, Di-704p, Di-624 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. | ||||
| CVE-2006-0784 | 1 D-link | 1 Dwl-g700ap | 2025-04-03 | N/A |
| D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. | ||||
| CVE-2006-2337 | 1 D-link | 1 Dsl-g604t | 2025-04-03 | N/A |
| Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | ||||
| CVE-2005-1680 | 1 D-link | 4 Dsl-502t, Dsl-504t, Dsl-562t and 1 more | 2025-04-03 | N/A |
| D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. | ||||
| CVE-2005-4723 | 2 D-link, Dlink | 4 Di-524, Di-784, Di-524 and 1 more | 2025-04-03 | N/A |
| D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. | ||||
| CVE-2006-3687 | 2 D-link, Dlink | 7 Di-604 Broadband Router, Di-784, Ebr-2310 Ethernet Broadband Router and 4 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900. | ||||
| CVE-2006-2901 | 1 D-link | 1 Dwl-2100ap | 2025-04-03 | N/A |
| The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords. | ||||
| CVE-2002-1068 | 1 D-link | 1 Dp-303 | 2025-04-03 | N/A |
| The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. | ||||