Filtered by vendor Dlink
Subscriptions
Total
1125 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8361 | 3 Aterm, Dlink, Realtek | 51 W1200ex, W1200ex-ms, W1200ex-ms Firmware and 48 more | 2025-03-26 | 9.8 Critical |
| The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | ||||
| CVE-2025-2618 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2619 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2620 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2621 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-24330 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-03-25 | 8.8 High |
| Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/. | ||||
| CVE-2023-24331 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-03-25 | 9.8 Critical |
| Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter. | ||||
| CVE-2023-24348 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. | ||||
| CVE-2023-24347 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. | ||||
| CVE-2023-24346 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. | ||||
| CVE-2023-24345 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. | ||||
| CVE-2023-24344 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. | ||||
| CVE-2023-24343 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. | ||||
| CVE-2023-24351 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. | ||||
| CVE-2023-24350 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. | ||||
| CVE-2023-24349 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. | ||||
| CVE-2023-24352 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. | ||||
| CVE-2023-0127 | 1 Dlink | 2 Dwl-2600ap, Dwl-2600ap Firmware | 2025-03-24 | 7.8 High |
| A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root. | ||||
| CVE-2023-44415 | 1 Dlink | 4 Dir-1260, Dir-1260 Firmware, Dir-2150 and 1 more | 2025-03-24 | 8.0 High |
| D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-19946. | ||||
| CVE-2025-25746 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-03-18 | 9.8 Critical |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module. | ||||