Filtered by vendor Dlink
Subscriptions
Total
1135 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14419 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2025-04-20 | 5.9 Medium |
| The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service for HTTPS is also established. | ||||
| CVE-2016-10699 | 1 Dlink | 2 Dsl-2740e, Dsl-2740e Firmware | 2025-04-20 | N/A |
| D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS attacks in the username and password fields: a remote unauthenticated user may craft logins and passwords with script tags in them. Because there is no sanitization in the input fields, an unaware logged-in administrator may be a victim when checking the router logs. | ||||
| CVE-2016-1558 | 1 Dlink | 20 Dap-2230, Dap-2230 Firmware, Dap-2310 and 17 more | 2025-04-20 | N/A |
| Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie. | ||||
| CVE-2015-7246 | 2 D-link, Dlink | 2 Dvg-n5402sp Firmware, Dvg-n5402sp | 2025-04-20 | N/A |
| D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access. | ||||
| CVE-2015-7247 | 2 D-link, Dlink | 2 Dvg-n5402sp Firmware, Dvg-n5402sp | 2025-04-20 | N/A |
| D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2016-10179 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2025-04-20 | 7.5 High |
| An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. | ||||
| CVE-2016-10180 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2025-04-20 | 7.5 High |
| An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. | ||||
| CVE-2022-46076 | 1 Dlink | 4 Dir-869, Dir-869 Firmware, Dir-869ax and 1 more | 2025-04-17 | 7.5 High |
| D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi. | ||||
| CVE-2022-38873 | 1 Dlink | 18 Dap-2310, Dap-2310 Firmware, Dap-2330 and 15 more | 2025-04-17 | 7.5 High |
| D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header. | ||||
| CVE-2024-57440 | 1 Dlink | 2 Dsl-3788, Dsl-3788 Firmware | 2025-04-15 | 7.5 High |
| D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi | ||||
| CVE-2024-27662 | 1 Dlink | 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware | 2025-04-15 | 6.5 Medium |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-28395 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-04-15 | 7.1 High |
| D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. | ||||
| CVE-2025-28398 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-04-15 | 7.1 High |
| D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. | ||||
| CVE-2022-46642 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2025-04-15 | 9.9 Critical |
| D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. | ||||
| CVE-2022-46641 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2025-04-15 | 9.9 Critical |
| D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. | ||||
| CVE-2022-46570 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. | ||||
| CVE-2022-46569 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. | ||||
| CVE-2022-46568 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. | ||||
| CVE-2022-46566 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. | ||||
| CVE-2022-46563 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. | ||||