Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-26709
D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote malicious users to take over a device via the login.xgi user and pass parameters. NOTE: This vulnerability only affects products that are no longer supp...
D-link Dsl-320b-d1
7.8
CVSSv2
CVE-2018-18442
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified atta...
D-link Dcs-825l Firmware 1.08
5
CVSSv2
CVE-2002-1069
The remote administration capability for the D-Link DI-804 router 4.68 allows remote malicious users to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Informa...
D-link Di-804 4.68
6.5
CVSSv2
CVE-2018-10431
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen.
D-link Dir-615 Firmware 2.5.17
7.5
CVSSv2
CVE-2018-20305
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
D-link Dir-816 A2 Firmware 1.10b05
6.8
CVSSv2
CVE-2017-7398
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an malicious user to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option ...
D-link Dir-615 Firmware 20.09
1 EDB exploit
7.5
CVSSv2
CVE-2019-9124
An issue exists on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password.
D-link Dir-878 Firmware 1.12b01
7.5
CVSSv2
CVE-2019-9125
An issue exists on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
D-link Dir-878 Firmware 1.12b01
5
CVSSv2
CVE-2020-9544
An issue exists on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice.
D-link Dsl-2640b Firmware E1 Eu 1.01
8.5
CVSSv2
CVE-2017-5633
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote malicious users to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI progr...
D-link Di-524 Firmware 9.01
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »