Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-44880
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows malicious users to execute arbitrary commands via a crafted HNAP1 POST request...
Dlink Dir-878 Firmware 1.30b08
Dlink Dir-878 Firmware
Dlink Dir-882 Firmware
Dlink Dir-882 Firmware 1.30b06
7.5
CVSSv3
CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), ...
Dlink Dir-817lw Firmware 1.04
Dlink Dir-816l Firmware 2.06
Dlink Dir-816 Firmware 2.06
Dlink Dir-850l Firmware 1.09
Dlink Dir-868l Firmware 1.10
2 Github repositories
7.5
CVSSv3
CVE-2021-28840
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_config function of ...
Dlink Dap-2310 Firmware 2.0.7.rc031
Dlink Dap-2330 Firmware 1.07.rc028
Dlink Dap-2360 Firmware 2.07.rc043
Dlink Dap-2553 Firmware 3.06.rc027
Dlink Dap-2660 Firmware 1.13.rc074
Dlink Dap-2690 Firmware 3.16.rc100
Dlink Dap-2695 Firmware 1.17.rc063
Dlink Dap-3320 Firmware 1.01.rc014
Dlink Dap-3662 Firmware 1.01.rc022
7.5
CVSSv3
CVE-2021-28839
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_certificate functio...
Dlink Dap-2310 Firmware 2.0.7.rc031
Dlink Dap-2330 Firmware 1.07.rc028
Dlink Dap-2360 Firmware 2.07.rc043
Dlink Dap-2553 Firmware 3.06.rc027
Dlink Dap-2660 Firmware 1.13.rc074
Dlink Dap-2690 Firmware 3.16.rc100
Dlink Dap-2695 Firmware 1.17.rc063
Dlink Dap-3320 Firmware 1.01.rc014
Dlink Dap-3662 Firmware 1.01.rc022
NA
CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote malicious users to bypass authentication and modify settings via an xmlset_r...
Dlink Di-604s -
Dlink Tm-g5240 -
Dlink Di-524up -
Dlink Di-604up -
Dlink Di-624s -
Dlink Di-604\\+ -
Dlink Dir-120 -
Dlink Dir-100 -
Alphanetworks Vdsl Asl-55052 -
Alphanetworks Vdsl Asl-56552 -
Planex Brl-04r -
Planex Brl-04cw -
Planex Brl-04ur -
2 Github repositories
9.8
CVSSv3
CVE-2019-16190
SharePort Web Access on D-Link DIR-868L REVB up to and including 2.03, DIR-885L REVA up to and including 1.20, and DIR-895L REVA up to and including 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to folder_view.php or category_view.php.
Dlink Dir-868l Firmware
Dlink Dir-885l Firmware
Dlink Dir-895l Firmware
8.8
CVSSv3
CVE-2017-17020
On D-Link DCS-5009 devices with firmware 1.08.11 and previous versions, DCS-5010 devices with firmware 1.14.09 and previous versions, and DCS-5020L devices with firmware prior to 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) a...
Dlink Dcs-5009 Firmware
Dlink Dcs-5010 Firmware
Dlink Dcs-5020l Firmware
4.3
CVSSv3
CVE-2022-42159
D-Link COVR 1200,1202,1203 v1.08 exists to have a predictable seed in a Pseudo-Random Number Generator.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
8.8
CVSSv3
CVE-2022-42160
D-Link COVR 1200,1202,1203 v1.08 exists to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
8.8
CVSSv3
CVE-2022-42161
D-Link COVR 1200,1202,1203 v1.08 exists to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.
Dlink Covr 1203 Firmware 1.08
Dlink Covr 1202 Firmware 1.08
Dlink Covr 1200 Firmware 1.08
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »