Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-645 firmware vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36089
Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote malicious users to gain escalated privileges via function phpcgi_main in cgibin. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Dlink Dir-645 Firmware 1.03
9.8
CVSSv3
CVE-2022-46475
D-Link DIR 645A1 1.06B01_Beta01 exists to contain a stack overflow via the service= variable in the genacgi_main function.
Dlink Dir-645 Firmware 1.06b01 Beta01
9.8
CVSSv3
CVE-2022-32092
D-Link DIR-645 v1.03 exists to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.
Dlink Dir-645 Firmware
9.8
CVSSv3
CVE-2021-43722
D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size.
Dlink Dir-645 Firmware 1.03
9.8
CVSSv3
CVE-2019-18852
Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823...
Dlink Dir-600 B1 Firmware 2.01
Dlink Dir-615 J1 Firmware 100
Dlink Dir-645 A1 Firmware 1.03
Dlink Dir-815 A1 Firmware 1.01
Dlink Dir-823 A1 Firmware 1.01
Dlink Dir-842 C1 Firmware 3.00
Dlink Dir-890l A1 Firmware 1.03
9.8
CVSSv3
CVE-2013-7471
An issue exists in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPo...
Dlink Dir-300 Firmware 2.14b01
Dlink Dir-600 Firmware
Dlink Dir-645 Firmware
Dlink Dir-845 Firmware
Dlink Dir-865 Firmware 1.05b03
6.1
CVSSv3
CVE-2020-25786
webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding ...
Dlink Dir-803 Firmware 1.04.b02
Dlink Dir-816l Firmware 2.06
Dlink Dir-816l Firmware 2.06.b09
Dlink Dir-645 Firmware 1.06b01
Dlink Dir-815 Firmware 2.07.b01
Dlink Dir-860l Firmware 1.10b04
Dlink Dir-865l Firmware 1.08b01
NA
CVE-2015-2052
Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and previous versions allows remote malicious users to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.
Dlink Dir-645 Firmware
NA
CVE-2015-2051
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and previous versions allows remote malicious users to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
Dlink Dir-645 Firmware
1 EDB exploit
1 Github repository
1 Article
NA
CVE-2013-7389
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware prior to 1.04B11 allow remote malicious users to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php,...
Dlink Dir-645 Firmware
Dlink Dir-645 A1
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started