Filtered by vendor Dlink
Subscriptions
Total
1330 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4857 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-865L has PHP File Inclusion in the router xml file. | ||||
| CVE-2013-4856 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 6.5 Medium |
| D-Link DIR-865L has Information Disclosure. | ||||
| CVE-2013-4855 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-3096 | 1 Dlink | 2 Dir865l, Dir865l Firmware | 2024-11-21 | 5.9 Medium |
| D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability. | ||||
| CVE-2013-1603 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 5.3 Medium |
| An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. | ||||
| CVE-2013-1602 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | ||||
| CVE-2013-1601 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 5.3 Medium |
| An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-1600 | 1 Dlink | 4 Dcs-2102, Dcs-2102 Firmware, Dcs-2121 and 1 more | 2024-11-21 | 5.3 Medium |
| An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-1599 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface. | ||||
| CVE-2012-6614 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2024-11-21 | 7.2 High |
| D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | ||||
| CVE-2012-6613 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2024-11-21 | 7.2 High |
| D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. | ||||
| CVE-2024-11065 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11064 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11063 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11062 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11046 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-13 | 6.3 Medium |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11047 | 2 D-link, Dlink | 3 Di-8003 Firmware, Di-8003, Di-8003 Firmware | 2024-11-13 | 8.8 High |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11048 | 2 D-link, Dlink | 3 Di-8003 Firmware, Di-8003, Di-8003 Firmware | 2024-11-13 | 8.8 High |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-28726 | 1 Dlink | 1 Dwr-2000m Firmware | 2024-11-13 | 8 High |
| An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function. | ||||
| CVE-2024-10916 | 1 Dlink | 8 Dns-320, Dns-320 Firmware, Dns-320lw and 5 more | 2024-11-08 | 5.3 Medium |
| A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. This affects an unknown part of the file /xml/info.xml of the component HTTP GET Request Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||