Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-5150
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. It is po...
Dlink Dar-7000 Firmware
Dlink Dar-8000 Firmware
NA
CVE-2013-2271
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote malicious users to bypass authentication and gain administrator access via a request to login.cgi.
Dlink Dsl-2740b Firmware -
Dlink Dsl-2740b -
1 EDB exploit
8.8
CVSSv3
CVE-2017-8412
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a v...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
8.8
CVSSv3
CVE-2017-8413
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobil...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
7.8
CVSSv3
CVE-2017-8414
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parame...
Dlink Dcs-1100 Firmware -
Dlink Dcs-1130 Firmware -
9.8
CVSSv3
CVE-2017-8415
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved fro...
Dlink Dcs-1130 Firmware -
Dlink Dcs-1100 Firmware -
8.8
CVSSv3
CVE-2017-8417
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the mobile devices and desktop to communicate with the device without any authentication. As...
Dlink Dcs-1100 Firmware -
Dlink Dcs-1130 Firmware -
7.5
CVSSv3
CVE-2020-25078
An issue exists on D-Link DCS-2530L prior to 1.06.01 Hotfix and DCS-2670L up to and including 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
Dlink Dcs-2530l Firmware
Dlink Dcs-2670l Firmware
5 Github repositories
6.8
CVSSv3
CVE-2023-46033
D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control.
Dlink Dsl-2730u Firmware -
Dlink Dsl-2750u Firmware -
NA
CVE-2014-100005
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware prior to 2.17b02 allow remote malicious users to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote mana...
Dlink Dir-600 Firmware
Dlink Dir-600 -
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »