Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2018-18442
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified atta...
D-link Dcs-825l Firmware 1.08
9
CVSSv2
CVE-2018-10747
An issue exists on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'unset <node_name>' function and cause memory co...
D-link Dsl-3782 Firmware 1.01
9
CVSSv2
CVE-2018-10749
An issue exists on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'commit <node_name>' function and cause memory c...
D-link Dsl-3782 Firmware 1.01
9.3
CVSSv2
CVE-2018-10750
An issue exists on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'staticGet <node_name attr>' function and cau...
D-link Dsl-3782 Firmware 1.01
5
CVSSv2
CVE-2002-1069
The remote administration capability for the D-Link DI-804 router 4.68 allows remote malicious users to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Informa...
D-link Di-804 4.68
10
CVSSv2
CVE-2007-1435
Buffer overflow in D-Link TFTP Server 1.0 allows remote malicious users to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
D-link Tftp Server 1.0
2 EDB exploits
4.3
CVSSv2
CVE-2019-17663
D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection.
D-link Dir-866l Firmware 1.03b04
8.5
CVSSv2
CVE-2017-5633
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote malicious users to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI progr...
D-link Di-524 Firmware 9.01
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2021-33259
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for malicious users to obtain users' DNS query history.
D-link Dir-868lw Firmware 1.12b
4.3
CVSSv2
CVE-2010-0936
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote malicious users to inject arbitrary web script or HTML via the nickname parameter.
D-link Dkvm-ip8 2282 Dlinka4 P8 20071213
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »