Filtered by vendor Dlink
Subscribe
Total
1363 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41603 | 1 Dlink | 2 R15, R15 Firmware | 2025-06-17 | N/A | 5.3 MEDIUM |
| D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6. | |||||
| CVE-2024-29366 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2025-06-17 | N/A | 8.8 HIGH |
| A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1.01KRb03. | |||||
| CVE-2024-29385 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2025-06-17 | N/A | 9.0 CRITICAL |
| DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the cgibin binary via soapcgi_main function. | |||||
| CVE-2023-51984 | 1 Dlink | 2 Dir-822, Dir-822 Firmware | 2025-06-16 | N/A | 9.8 CRITICAL |
| D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell. | |||||
| CVE-2025-5912 | 1 Dlink | 2 Dir-632, Dir-632 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5573 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2025-06-06 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5572 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2025-06-06 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5624 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the argument port0_group/port0_remarker/ssid0_group/ssid0_remarker leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5621 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5620 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument localIP/remoteIP leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5622 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the argument apcli_mode_5g/apcli_enc_5g/apcli_default_key_5g leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5623 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5630 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-06-06 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5215 | 1 Dlink | 2 Dcs-5020l, Dcs-5020l Firmware | 2025-06-05 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-4842 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2025-06-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-4843 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2025-06-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-32167 | 1 Dlink | 1 D-view 8 | 2025-06-04 | N/A | 6.5 MEDIUM |
| D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadMib function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create or delete files in the context of SYSTEM. . Was ZDI-CAN-19529. | |||||
| CVE-2024-52711 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-06-04 | N/A | 5.7 MEDIUM |
| DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. | |||||
| CVE-2025-4749 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-06-03 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4841 | 1 Dlink | 2 Dcs-932l, Dcs-932l Firmware | 2025-06-03 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||