Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2017-7851
D-Link DCS-936L devices with firmware prior to 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substring of the HTTP Referer header.
D-link Dcs-936l
1 EDB exploit
891
VMScore
CVE-2019-7297
An issue exists on D-Link DIR-823G devices with firmware up to and including 1.02B03. A command Injection vulnerability allows malicious users to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult fu...
D-link Dir-823g Firmware
668
VMScore
CVE-2016-10405
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote malicious users to hijack web sessions via unspecified vectors.
D-link Dir-600l Firmware
383
VMScore
CVE-2008-1253
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote malicious users to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page.
D-link Dsl-g604t
668
VMScore
CVE-2019-6258
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.
D-link Dir-822 Firmware
445
VMScore
CVE-2002-1068
The web server for D-Link DP-300 print server allows remote malicious users to cause a denial of service (hang) via a large HTTP POST request.
D-link Dp-303
383
VMScore
CVE-2010-2292
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote malicious users to inject arbitrary web script or HTML via the IP field.
D-link Di-604
445
VMScore
CVE-2006-2337
Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote malicious users to read arbitrary files via an absolute path in the getpage parameter.
D-link Dsl-g604t
694
VMScore
CVE-2018-17880
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot.
D-link Dir-823g Firmware -
445
VMScore
CVE-2018-17881
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change.
D-link Dir-823g Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »