Filtered by vendor Dlink
Subscribe
Total
719 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37129 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 8.8 HIGH |
D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. After the user passes in the command parameter, it will be spliced into byte_4836B0 by snprintf, and finally doSystem(&byte_4836B0); will be executed, resulting in a command injection. | |||||
CVE-2022-42161 | 1 Dlink | 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more | 2024-02-04 | N/A | 8.8 HIGH |
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS. | |||||
CVE-2022-43000 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4. | |||||
CVE-2022-36525 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main. | |||||
CVE-2022-42156 | 1 Dlink | 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more | 2024-02-04 | N/A | 8.8 HIGH |
D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings. | |||||
CVE-2022-31414 | 1 Dlink | 2 Dir-1960, Dir-1960 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | |||||
CVE-2022-42999 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm. | |||||
CVE-2022-43001 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function. | |||||
CVE-2022-36755 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | |||||
CVE-2022-42998 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd. | |||||
CVE-2022-36620 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting. | |||||
CVE-2022-38557 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | |||||
CVE-2022-35192 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp. | |||||
CVE-2022-35191 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-02-04 | N/A | 6.5 MEDIUM |
D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request. | |||||
CVE-2022-34528 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-02-04 | N/A | 8.8 HIGH |
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. | |||||
CVE-2022-37125 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. | |||||
CVE-2022-37055 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main, | |||||
CVE-2022-36756 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. | |||||
CVE-2022-42160 | 1 Dlink | 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more | 2024-02-04 | N/A | 8.8 HIGH |
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings. | |||||
CVE-2016-20017 | 1 Dlink | 2 Dsl-2750b, Dsl-2750b Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022. |