Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10405
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote malicious users to hijack web sessions via unspecified vectors.
D-link Dir-600l Firmware
NA
CVE-2006-6055
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote malicious users to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
D-link Dwl-g132
1 EDB exploit
9.8
CVSSv3
CVE-2019-6258
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.
D-link Dir-822 Firmware
NA
CVE-2008-1253
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote malicious users to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page.
D-link Dsl-g604t
NA
CVE-2008-1258
Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote malicious users to inject arbitrary web script or HTML via the rf parameter.
D-link Di-604
9.8
CVSSv3
CVE-2018-17786
On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote malicious users to execute arbitrary code.
D-link Dir-823g Firmware -
9.8
CVSSv3
CVE-2018-17787
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.
D-link Dir-823g Firmware -
7.5
CVSSv3
CVE-2018-17880
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot.
D-link Dir-823g Firmware -
9.8
CVSSv3
CVE-2019-7297
An issue exists on D-Link DIR-823G devices with firmware up to and including 1.02B03. A command Injection vulnerability allows malicious users to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult fu...
D-link Dir-823g Firmware
NA
CVE-2010-2292
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote malicious users to inject arbitrary web script or HTML via the IP field.
D-link Di-604
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »