Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dlink dir-825 firmware - vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-43642
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the YouTube plugin for the xupnpd servi...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43646
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Vimeo plugin for the xupnpd service...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43647
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TC...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43643
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd servi...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43644
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd serv...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2022-43645
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IVI plugin for the xupnpd service, ...
Dlink Dir-825/ee Firmware
Dlink Dir-825/ac Firmware
8.8
CVSSv3
CVE-2021-46441
In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.
Dlink Dir-825 Firmware -
9.8
CVSSv3
CVE-2021-46442
In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.
Dlink Dir-825 Firmware -
9.8
CVSSv3
CVE-2022-47035
Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows malicious user to execute arbitrary code via the GetConfig method to the /CPE endpoint.
Dlink Dir-825 Firmware
8.8
CVSSv3
CVE-2020-10214
An issue exists on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.
Dlink Dir-825 Firmware 2.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »