Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-44880
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows malicious users to execute arbitrary commands via a crafted HNAP1 POST request...
Dlink Dir-878 Firmware 1.30b08
Dlink Dir-878 Firmware
Dlink Dir-882 Firmware
Dlink Dir-882 Firmware 1.30b06
7.5
CVSSv3
CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), ...
Dlink Dir-817lw Firmware 1.04
Dlink Dir-816l Firmware 2.06
Dlink Dir-816 Firmware 2.06
Dlink Dir-850l Firmware 1.09
Dlink Dir-868l Firmware 1.10
2 Github repositories
7.5
CVSSv3
CVE-2021-28840
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_config function of ...
Dlink Dap-2310 Firmware 2.0.7.rc031
Dlink Dap-2330 Firmware 1.07.rc028
Dlink Dap-2360 Firmware 2.07.rc043
Dlink Dap-2553 Firmware 3.06.rc027
Dlink Dap-2660 Firmware 1.13.rc074
Dlink Dap-2690 Firmware 3.16.rc100
Dlink Dap-2695 Firmware 1.17.rc063
Dlink Dap-3320 Firmware 1.01.rc014
Dlink Dap-3662 Firmware 1.01.rc022
7.5
CVSSv3
CVE-2021-28839
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_certificate functio...
Dlink Dap-2310 Firmware 2.0.7.rc031
Dlink Dap-2330 Firmware 1.07.rc028
Dlink Dap-2360 Firmware 2.07.rc043
Dlink Dap-2553 Firmware 3.06.rc027
Dlink Dap-2660 Firmware 1.13.rc074
Dlink Dap-2690 Firmware 3.16.rc100
Dlink Dap-2695 Firmware 1.17.rc063
Dlink Dap-3320 Firmware 1.01.rc014
Dlink Dap-3662 Firmware 1.01.rc022
NA
CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote malicious users to bypass authentication and modify settings via an xmlset_r...
Dlink Di-604s -
Dlink Tm-g5240 -
Dlink Di-524up -
Dlink Di-604up -
Dlink Di-624s -
Dlink Di-604\\+ -
Dlink Dir-120 -
Dlink Dir-100 -
Alphanetworks Vdsl Asl-55052 -
Alphanetworks Vdsl Asl-56552 -
Planex Brl-04r -
Planex Brl-04cw -
Planex Brl-04ur -
2 Github repositories
NA
CVE-2012-5319
Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via the rootpass parameter.
Dlink Dcs-900 -
Dlink Dcs-2000 -
Dlink Dcs-5300 -
2 EDB exploits
8.8
CVSSv3
CVE-2022-42156
D-Link COVR 1200,1203 v1.08 exists to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
4.3
CVSSv3
CVE-2022-42159
D-Link COVR 1200,1202,1203 v1.08 exists to have a predictable seed in a Pseudo-Random Number Generator.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
8.8
CVSSv3
CVE-2022-42160
D-Link COVR 1200,1202,1203 v1.08 exists to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
8.8
CVSSv3
CVE-2022-42161
D-Link COVR 1200,1202,1203 v1.08 exists to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »