Filtered by vendor D-link
Subscribe
Total
157 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-100005 | 1 D-link | 2 Dir-60, Dir-600 Firmware | 2024-08-13 | 6.8 MEDIUM | 8.8 HIGH |
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management via a crafted configuration module to hedwig.cgi, (3) activate new configuration settings via a SETCFG,SAVE,ACTIVATE action to pigwidgeon.cgi, or (4) send a ping via a ping action to diagnostic.php. | |||||
CVE-2021-41503 | 2 D-link, Dlink | 4 Dcs-5000l Firmware, Dcs-5000l, Dcs-932l and 1 more | 2024-08-04 | 5.2 MEDIUM | 8.0 HIGH |
** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2021-26709 | 1 D-link | 1 Dsl-320b-d1 | 2024-08-03 | 10.0 HIGH | 9.8 CRITICAL |
** UNSUPPORTED WHEN ASSIGNED ** D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass parameters. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2021-33259 | 2 D-link, Dlink | 2 Dir-868lw Firmware, Dir-868lw | 2024-02-14 | 5.0 MEDIUM | 5.3 MEDIUM |
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history. | |||||
CVE-2018-5371 | 2 D-link, Dlink | 4 Dsl-2540u Firmware, Dsl-2640u Firmware, Dsl-2540u and 1 more | 2024-02-14 | 9.0 HIGH | 8.8 HIGH |
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request. | |||||
CVE-2022-44928 | 1 D-link | 2 Dvg-g5402sp, Dvg-g5402sp Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. | |||||
CVE-2022-44929 | 1 D-link | 2 Dvg-g5402sp, Dvg-g5402sp Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. | |||||
CVE-2021-27249 | 2 D-link, Dlink | 2 Dap-2020 Firmware, Dap-2020 | 2024-02-04 | 8.3 HIGH | 8.8 HIGH |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11369. | |||||
CVE-2021-27248 | 2 D-link, Dlink | 2 Dap-2020 Firmware, Dap-2020 | 2024-02-04 | 8.3 HIGH | 8.8 HIGH |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10932. | |||||
CVE-2021-27250 | 2 D-link, Dlink | 2 Dap-2020 Firmware, Dap-2020 | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the errorpage request parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11856. | |||||
CVE-2020-15633 | 2 D-link, Dlink | 6 Dir-867 Firmware, Dir-878 Firmware, Dir-882 Firmware and 3 more | 2024-02-04 | 5.8 MEDIUM | 8.8 HIGH |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP requests. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. Was ZDI-CAN-10835. | |||||
CVE-2020-15894 | 2 D-link, Dlink | 2 Dir-816l Firmware, Dir-816l | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT. | |||||
CVE-2020-15893 | 2 D-link, Dlink | 2 Dir-816l Firmware, Dir-816l | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. | |||||
CVE-2019-15655 | 2 D-link, Dlink | 2 Dsl-2875al Firmware, Dsl-2875al | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext. | |||||
CVE-2019-15656 | 2 D-link, Dlink | 4 Dsl-2875al Firmware, Dsl-2877al Firmware, Dsl-2875al and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | |||||
CVE-2020-15892 | 2 D-link, Dlink | 2 Dap-1520 Firmware, Dap-1520 | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi binary. On the login page, the web interface restricts the password input field to a fixed length of 15 characters. The problem is that validation is being done on the client side, hence it can be bypassed. When an attacker manages to intercept the login request (POST based) and tampers with the vulnerable parameter (log_pass), to a larger length, the request will be forwarded to the webserver. This results in a stack-based buffer overflow. A few other POST variables, (transferred as part of the login request) are also vulnerable: html_response_page and log_user. | |||||
CVE-2020-25078 | 2 D-link, Dlink | 4 Dcs-2670l, Dcs-2670l Firmware, Dcs-2530l and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. | |||||
CVE-2019-6258 | 2 D-link, Dlink | 2 Dir-822 Firmware, Dir-822 | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file. | |||||
CVE-2020-15895 | 2 D-link, Dlink | 2 Dir-816l Firmware, Dir-816l | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage. | |||||
CVE-2020-9544 | 1 D-link | 2 Dsl-2640b, Dsl-2640b Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. |