Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-9125
An issue exists on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
D-link Dir-878 Firmware 1.12b01
3.5
CVSSv2
CVE-2018-6936
Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account.
D-link Dir-600m C1 Firmware 3.01
1 EDB exploit
6.8
CVSSv2
CVE-2017-7398
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an malicious user to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option ...
D-link Dir-615 Firmware 20.09
1 EDB exploit
10
CVSSv2
CVE-2001-1220
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote malicious users to gain administrative privileges.
D-link Dwl-1000ap 3.2.28 483
5
CVSSv2
CVE-2001-1221
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote malicious users to gain sensitive information.
D-link Dwl-1000ap 3.2.28 483
7.5
CVSSv2
CVE-2018-20305
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
D-link Dir-816 A2 Firmware 1.10b05
9
CVSSv2
CVE-2018-10746
An issue exists on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'get <node_name attr>' function and cause memory co...
D-link Dsl-3782 Firmware 1.01
9
CVSSv2
CVE-2018-10748
An issue exists on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'show <node_name>' function and cause memory corru...
D-link Dsl-3782 Firmware 1.01
10
CVSSv2
CVE-2007-1435
Buffer overflow in D-Link TFTP Server 1.0 allows remote malicious users to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
D-link Tftp Server 1.0
2 EDB exploits
3.5
CVSSv2
CVE-2018-10110
D-Link DIR-615 T1 devices allow XSS via the Add User feature.
D-link Dir-615 T1 Firmware 20.07
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »