Filtered by vendor Dlink
Subscribe
Total
1359 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48632 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command injection vulnerabilities via the LocalIPAddress, TCPPorts, and UDPPorts parameters in the SetPortForwardingSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48631 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48636 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:0/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48637 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48635 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48168 | 1 Dlink | 2 Dcs-960l, Dcs-960l Firmware | 2025-05-07 | N/A | N/A |
| A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link DCS-960L 1.09, allowing an attacker to execute arbitrary code. | |||||
| CVE-2024-48634 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the key parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48638 | 1 Dlink | 4 Dir-878, Dir-878 Firmware, Dir-882 and 1 more | 2025-05-07 | N/A | N/A |
| D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |||||
| CVE-2024-48272 | 1 Dlink | 2 Dsl-6740c, Dsl-6740c Firmware | 2025-05-07 | N/A | N/A |
| D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack. | |||||
| CVE-2024-51023 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-07 | N/A | N/A |
| D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51024 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-07 | N/A | N/A |
| D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51186 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2025-05-07 | N/A | N/A |
| D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. | |||||
| CVE-2022-43001 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function. | |||||
| CVE-2022-43003 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function. | |||||
| CVE-2022-42998 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd. | |||||
| CVE-2020-21016 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. | |||||
| CVE-2022-42999 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 7.5 HIGH |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm. | |||||
| CVE-2022-43002 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54. | |||||
| CVE-2022-43000 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4. | |||||
| CVE-2022-43109 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-05-05 | N/A | 9.8 CRITICAL |
| D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet. | |||||