Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link dir-620 firmware 1.4.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6213
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.
D-link Dir-620 Firmware 1.0.3
D-link Dir-620 Firmware 1.0.37
D-link Dir-620 Firmware 1.3.1
D-link Dir-620 Firmware 1.3.3
D-link Dir-620 Firmware 1.3.7
D-link Dir-620 Firmware 1.4.0
D-link Dir-620 Firmware 2.0.22
7.2
CVSSv3
CVE-2018-6211
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
D-link Dir-620 Firmware 1.0.3
D-link Dir-620 Firmware 1.0.37
D-link Dir-620 Firmware 1.3.1
D-link Dir-620 Firmware 1.3.3
D-link Dir-620 Firmware 1.3.7
D-link Dir-620 Firmware 1.4.0
D-link Dir-620 Firmware 2.0.22
6.1
CVSSv3
CVE-2018-6212
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" fiel...
D-link Dir-620 Firmware 1.0.3
D-link Dir-620 Firmware 1.0.37
D-link Dir-620 Firmware 1.3.1
D-link Dir-620 Firmware 1.3.3
D-link Dir-620 Firmware 1.3.7
D-link Dir-620 Firmware 1.4.0
D-link Dir-620 Firmware 2.0.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started