Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-825 firmware - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-47035
Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows malicious user to execute arbitrary code via the GetConfig method to the /CPE endpoint.
Dlink Dir-825 Firmware
9.8
CVSSv3
CVE-2021-46442
In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.
Dlink Dir-825 Firmware -
9.8
CVSSv3
CVE-2020-29557
An issue exists on D-Link DIR-825 R1 devices up to and including 3.0.1 prior to 2020-11-20. A buffer overflow in the web interface allows malicious users to achieve pre-authentication remote code execution.
Dlink Dir-825 R1 Firmware
9.8
CVSSv3
CVE-2019-16920
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacke...
Dlink Dir-655 Firmware
Dlink Dir-866l Firmware
Dlink Dir-652 Firmware -
Dlink Dhp-1565 Firmware
9.8
CVSSv3
CVE-2019-9123
An issue exists on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank password.
Dlink Dir-825 Rev.b Firmware 2.10
8.8
CVSSv3
CVE-2022-43645
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, ...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43642
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd servi...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43644
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd serv...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43647
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TC...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43643
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd servi...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »