Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-5148
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 and DAR-8000 up to 20151231. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted...
Dlink Dar-7000 Firmware
Dlink Dar-8000 Firmware
8.8
CVSSv3
CVE-2023-5150
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. It is po...
Dlink Dar-7000 Firmware
Dlink Dar-8000 Firmware
9.8
CVSSv3
CVE-2019-17146
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by defau...
Dlink Dcs-935l Firmware
Dlink Dcs-960l Firmware
NA
CVE-2013-2271
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote malicious users to bypass authentication and gain administrator access via a request to login.cgi.
Dlink Dsl-2740b Firmware -
Dlink Dsl-2740b -
1 EDB exploit
9.8
CVSSv3
CVE-2017-8410
An issue exists on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in /sbin folder of the device handles all the rtsp connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorizati...
Dlink Dcs-1100 Firmware -
Dlink Dcs-1130 Firmware -
7.5
CVSSv3
CVE-2020-25078
An issue exists on D-Link DCS-2530L prior to 1.06.01 Hotfix and DCS-2670L up to and including 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
Dlink Dcs-2530l Firmware
Dlink Dcs-2670l Firmware
5 Github repositories
7.5
CVSSv3
CVE-2019-15656
D-Link DSL-2875AL and DSL-2877AL devices up to and including 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.
Dlink Dsl-2875al Firmware
Dlink Dsl-2877al Firmware
9.8
CVSSv3
CVE-2018-20432
D-Link COVR-2600R and COVR-3902 Kit prior to 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated malicious users to gain privileged access to the router, and to extract sensitive data or modify the configuration.
Dlink Covr-2600r Firmware
Dlink Covr-3902 Firmware
NA
CVE-2014-100005
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware prior to 2.17b02 allow remote malicious users to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote mana...
Dlink Dir-600 Firmware
Dlink Dir-600 -
1 Article
8.8
CVSSv3
CVE-2020-25079
An issue exists on D-Link DCS-2530L prior to 1.06.01 Hotfix and DCS-2670L up to and including 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection.
Dlink Dcs-2530l Firmware
Dlink Dcs-2670l Firmware
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »