Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-link vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-14081
An issue exists on D-Link DIR-809 A1 up to and including 1.09, A2 up to and including 1.11, and Guest Zone up to and including 1.09 devices. Device passwords, such as the admin password and the WPA key, are stored in cleartext.
D-link Dir-809 A1 Firmware
D-link Dir-809 A2 Firmware
D-link Dir-809 Guestzone Firmware
694
VMScore
CVE-2007-3347
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote malicious users to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
694
VMScore
CVE-2007-3348
The D-Link DPH-540/DPH-541 phone allows remote malicious users to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
891
VMScore
CVE-2018-19987
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the...
D-link Dir-818lw Firmware 2.05.b03
D-link Dir-822 Firmware 202krb06
Dlink Dir-822 Firmware 3.10b06
D-link Dir-860l Firmware 2.03.b03
D-link Dir-868l Firmware 2.05b02
D-link Dir-880l Firmware 1.20b01 01 I3se
D-link Dir-890l\\/r Firmware 1.21b02
2 Github repositories
445
VMScore
CVE-2004-0661
Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and previous versions allows remote malicious users to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or ...
D-link Di-604
D-link Di-614\\+ 2.30
D-link Di-624 1.28
801
VMScore
CVE-2018-5371
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote malicious users to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.
D-link Dsl-2540u Firmware Me 1.00
D-link Dsl-2640u Firmware Im 1.00
D-link Dsl-2640u Firmware Me 1.00
890
VMScore
CVE-2003-1346
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote malicious users to set factory default settings by upgrading the firmware using AirPlus Access Point Manager.
D-link Dwl-900ap\\+ 2.2
D-link Dwl-900ap\\+ 2.3
D-link Dwl-900ap\\+ 2.5
605
VMScore
CVE-2013-7320
Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware prior to 1.30 allows remote malicious users to hijack the authentication of administrators for requests that modify configuration settings via unspecified vectors.
D-link Dap 2253 Firmware
D-link Dap 2253 A1
383
VMScore
CVE-2013-7321
Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware prior to 1.30 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
D-link Dap 2253 Firmware
D-link Dap 2253 A1
801
VMScore
CVE-2018-10967
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.
D-link Dir-550a Firmware
D-link Dir-604m Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »