Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-850l firmware - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-14426
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions.
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
7.5
CVSSv3
CVE-2017-14430
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote malicious users to cause a denial of service (daemon crash) via crafted LAN traffic.
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
9.8
CVSSv3
CVE-2017-14429
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting g...
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
7.5
CVSSv3
CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), ...
Dlink Dir-817lw Firmware 1.04
Dlink Dir-816l Firmware 2.06
Dlink Dir-816 Firmware 2.06
Dlink Dir-850l Firmware 1.09
Dlink Dir-868l Firmware 1.10
2 Github repositories
7.5
CVSSv3
CVE-2017-14423
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote malicious users to change the DNS configuration via a series of requests.
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
5.9
CVSSv3
CVE-2017-14419
The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service ...
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
7.5
CVSSv3
CVE-2017-14422
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices use the same hardcoded /etc/stunnel.key private key across different customers' installations, which allows remote malicious users to defeat the HTTPS c...
Dlink Dir-850l Firmware
Dlink Dir-850l Firmware Fw114wwb07 H2ab
9.8
CVSSv3
CVE-2017-14417
register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not require authentication, which can result in unintended enrollment in mydlink Cloud Services.
Dlink Dir-850l Firmware
8.1
CVSSv3
CVE-2017-14418
The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices, sends the cleartext admin password over the Internet as part of interaction with mydlink Cloud Services.
Dlink Dir-850l Firmware
9.8
CVSSv3
CVE-2017-14421
D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the Alphanetworks account upon device reset, which allows remote malicious users to obtain root access via a TELNET session.
Dlink Dir-850l Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »