Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-815 firmware vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-22651
There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04.
Dlink Dir-815 Firmware
9.8
CVSSv3
CVE-2018-10106
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request.
Dlink Dir-815 Firmware
6.1
CVSSv3
CVE-2018-10107
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php.
Dlink Dir-815 Firmware
6.1
CVSSv3
CVE-2018-10108
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php.
Dlink Dir-815 Firmware
9.8
CVSSv3
CVE-2015-0150
The remote administration UI in D-Link DIR-815 devices with firmware prior to 2.07.B01 allows remote malicious users to bypass intended access restrictions via unspecified vectors.
Dlink Dir-815 Firmware
8.8
CVSSv3
CVE-2015-0151
Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware prior to 2.07.B01 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Dlink Dir-815 Firmware
9.8
CVSSv3
CVE-2015-0152
D-Link DIR-815 devices with firmware prior to 2.07.B01 allow remote malicious users to obtain sensitive information by leveraging cleartext storage of the administrative password.
Dlink Dir-815 Firmware
7.5
CVSSv3
CVE-2015-0153
D-Link DIR-815 devices with firmware prior to 2.07.B01 allow remote malicious users to obtain sensitive information by leveraging cleartext storage of the wireless key.
Dlink Dir-815 Firmware
9.8
CVSSv3
CVE-2014-8888
The remote administration interface in D-Link DIR-815 devices with firmware prior to 2.03.B02 allows remote malicious users to execute arbitrary commands via vectors related to an "HTTP command injection issue."
Dlink Dir-815 Firmware 2.03.b02
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started