Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-20305
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
D-link Dir-816 A2 Firmware 1.10b05
9.8
CVSSv3
CVE-2019-9124
An issue exists on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password.
D-link Dir-878 Firmware 1.12b01
9.8
CVSSv3
CVE-2019-9125
An issue exists on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
D-link Dir-878 Firmware 1.12b01
5.3
CVSSv3
CVE-2021-33259
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for malicious users to obtain users' DNS query history.
D-link Dir-868lw Firmware 1.12b
9.8
CVSSv3
CVE-2022-44928
D-Link DVG-G5402SP GE_1.03 exists to contain a command injection vulnerability via the Maintenance function.
D-link Dvg-g5402sp Firmware Ge 1.03
NA
CVE-2006-6538
D-LINK DWL-2000AP+ firmware 2.11 allows remote malicious users to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link.
D-link Dwl-2000ap\\+ 2.11
1 EDB exploit
NA
CVE-2010-0936
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote malicious users to inject arbitrary web script or HTML via the nickname parameter.
D-link Dkvm-ip8 2282 Dlinka4 P8 20071213
2 EDB exploits
9.8
CVSSv3
CVE-2022-44929
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated malicious users to escalate privileges via arbitrarily editing VoIP SIB profiles.
D-link Dvg-g5402sp Firmware Ge 1.03
8.8
CVSSv3
CVE-2018-8941
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote malicious users to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /use...
D-link Dsl-3782 Firmware 1.01
1 Github repository
NA
CVE-2001-1137
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote malicious users to cause a denial of service (reboot) via malformed IP datagram fragments.
D-link Dl-704 V2.56b5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »