Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10967
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.
D-link Dir-550a Firmware
D-link Dir-604m Firmware
9.8
CVSSv3
CVE-2018-10968
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.
D-link Dir-550a Firmware
D-link Dir-604m Firmware
8.1
CVSSv3
CVE-2016-1559
D-Link DAP-1353 H/W vers. B1 3.15 and previous versions, D-Link DAP-2553 H/W ver. A1 1.31 and previous versions, and D-Link DAP-3520 H/W ver. A1 1.16 and previous versions reveal wireless passwords and administrative usernames and passwords over SNMP.
D-link Dap-1353 H\\/w B1 Firmware 3.15
D-link Dap-2553 H\\/w A1 Firmware 1.31
D-link Dap-3520 H\\/w A1 Firmware 1.16
9.8
CVSSv3
CVE-2015-7246
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote malicious users to obtain administrative access.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
7.5
CVSSv3
CVE-2015-7245
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote malicious users to read sensitive information via a .. (dot dot) in the errorpage parameter.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.8
CVSSv3
CVE-2015-7247
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote malicious users to obtain sensitive information.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
NA
CVE-2006-3687
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote malicious users to execute ...
D-link Wbr-1310 Wireless G Router
D-link Di-604 Broadband Router
D-link Di-784
D-link Ebr-2310 Ethernet Broadband Router
D-link Wbr-2310 Rangebooster G Router
Dlink Di-524
Dlink Di-624
1 EDB exploit
NA
CVE-2014-9518
Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router DIR-655 (rev Bx) with firmware prior to 2.12b01 allows remote malicious users to inject arbitrary web script or HTML via the html_response_page parameter.
D-link Dir-655 Firmware
D-link Dir-655 Bx
NA
CVE-2008-4133
The web proxy service on the D-Link DIR-100 with firmware 1.12 and previous versions does not properly filter web requests with large URLs, which allows remote malicious users to bypass web restriction filters.
D-link Dir-100 1.12
D-link Dir-100 1.02
1 EDB exploit
9.8
CVSSv3
CVE-2017-3191
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some administr...
D-link Dir-130 Firmware 1.23
D-link Dir-330 Firmware 1.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »