Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10967
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.
D-link Dir-550a Firmware
D-link Dir-604m Firmware
NA
CVE-2014-9518
Cross-site scripting (XSS) vulnerability in login.cgi in D-Link router DIR-655 (rev Bx) with firmware prior to 2.12b01 allows remote malicious users to inject arbitrary web script or HTML via the html_response_page parameter.
D-link Dir-655 Firmware
D-link Dir-655 Bx
9.8
CVSSv3
CVE-2018-10968
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.
D-link Dir-550a Firmware
D-link Dir-604m Firmware
NA
CVE-2006-0784
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote malicious users to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
D-link Dwl-g700ap 2.01
D-link Dwl-g700ap 2.00
1 EDB exploit
5.3
CVSSv3
CVE-2014-7860
The web/web_file/fb_publish.php script in D-Link DNS-320L prior to 1.04b12 and DNS-327L prior to 1.03b04 Build0119 does not authenticate requests, which allows remote malicious users to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album_i...
D-link Dns-327l Firmware
D-link Dns-320l Firmware
NA
CVE-2004-1650
D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote malicious users to change the IP address of the camera via a UDP broadcast packet.
D-link Dcs-900 Internet Camera 2.10
D-link Dcs-900 Internet Camera 2.28
D-link Dcs-900 Internet Camera 2.20
1 EDB exploit
7.5
CVSSv3
CVE-2015-7245
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote malicious users to read sensitive information via a .. (dot dot) in the errorpage parameter.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.8
CVSSv3
CVE-2015-7246
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote malicious users to obtain administrative access.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.8
CVSSv3
CVE-2015-7247
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote malicious users to obtain sensitive information.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
8.8
CVSSv3
CVE-2018-5371
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote malicious users to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
D-link Dsl-2540u Firmware Me 1.00
D-link Dsl-2640u Firmware Im 1.00
D-link Dsl-2640u Firmware Me 1.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »