Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-14081
An issue exists on D-Link DIR-809 A1 up to and including 1.09, A2 up to and including 1.11, and Guest Zone up to and including 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.
D-link Dir-809 A1 Firmware
D-link Dir-809 A2 Firmware
D-link Dir-809 Guestzone Firmware
NA
CVE-2007-3347
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote malicious users to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
NA
CVE-2007-3348
The D-Link DPH-540/DPH-541 phone allows remote malicious users to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
9.8
CVSSv3
CVE-2018-19987
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the...
D-link Dir-818lw Firmware 2.05.b03
D-link Dir-822 Firmware 202krb06
Dlink Dir-822 Firmware 3.10b06
D-link Dir-860l Firmware 2.03.b03
D-link Dir-868l Firmware 2.05b02
D-link Dir-880l Firmware 1.20b01 01 I3se
D-link Dir-890l\\/r Firmware 1.21b02
2 Github repositories
NA
CVE-2004-0661
Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and previous versions allows remote malicious users to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or ...
D-link Di-604
D-link Di-614\\+ 2.30
D-link Di-624 1.28
8.8
CVSSv3
CVE-2018-5371
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote malicious users to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
D-link Dsl-2540u Firmware Me 1.00
D-link Dsl-2640u Firmware Im 1.00
D-link Dsl-2640u Firmware Me 1.00
NA
CVE-2003-1346
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote malicious users to set factory default settings by upgrading the firmware using AirPlus Access Point Manager.
D-link Dwl-900ap\\+ 2.2
D-link Dwl-900ap\\+ 2.3
D-link Dwl-900ap\\+ 2.5
NA
CVE-2013-7320
Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware prior to 1.30 allows remote malicious users to hijack the authentication of administrators for requests that modify configuration settings via unspecified vectors.
D-link Dap 2253 Firmware
D-link Dap 2253 A1
NA
CVE-2013-7321
Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware prior to 1.30 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
D-link Dap 2253 Firmware
D-link Dap 2253 A1
5.3
CVSSv3
CVE-2014-7860
The web/web_file/fb_publish.php script in D-Link DNS-320L prior to 1.04b12 and DNS-327L prior to 1.03b04 Build0119 does not authenticate requests, which allows remote malicious users to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album_i...
D-link Dns-327l Firmware
D-link Dns-320l Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »