Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-9125
An issue exists on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
D-link Dir-878 Firmware 1.12b01
9.8
CVSSv3
CVE-2021-26709
D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote malicious users to take over a device via the login.xgi user and pass parameters. NOTE: This vulnerability only affects products that are no longer supp...
D-link Dsl-320b-d1
5.4
CVSSv3
CVE-2018-6936
Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account.
D-link Dir-600m C1 Firmware 3.01
1 EDB exploit
9.8
CVSSv3
CVE-2022-44929
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated malicious users to escalate privileges via arbitrarily editing VoIP SIB profiles.
D-link Dvg-g5402sp Firmware Ge 1.03
6.1
CVSSv3
CVE-2019-17663
D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in the device common gateway interface, leading to common injection.
D-link Dir-866l Firmware 1.03b04
7.2
CVSSv3
CVE-2018-16408
D-Link DIR-846 devices with firmware 100.26 allow remote malicious users to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access.
D-link Dir-846 Firmware 100.26
8.8
CVSSv3
CVE-2018-8941
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote malicious users to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /use...
D-link Dsl-3782 Firmware 1.01
1 Github repository
9.8
CVSSv3
CVE-2018-20305
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
D-link Dir-816 A2 Firmware 1.10b05
6.1
CVSSv3
CVE-2017-10676
On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.
D-link Dir-600m Firmware Fw3.05b01
7.5
CVSSv3
CVE-2018-18442
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified atta...
D-link Dcs-825l Firmware 1.08
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »