Vulnerabilities (CVE)

Filtered by vendor Dlink Subscribe
Total 968 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28901 1 Dlink 2 Dir-882, Dir-882 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-28896 1 Dlink 2 Dir-882, Dir-882 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-28895 1 Dlink 2 Dir-882, Dir-882 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-28573 1 Dlink 2 Dir-823 Pro, Dir-823 Pro Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers to execute arbitrary commands via the system_time_timezone parameter.
CVE-2022-28571 1 Dlink 2 Dir-882, Dir-882 Firmware 2024-11-21 5.8 MEDIUM 9.8 CRITICAL
D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr/bin/cli.
CVE-2022-27295 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27294 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27293 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVE-2022-27292 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter.
CVE-2022-27291 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter.
CVE-2022-27290 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27289 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27288 1 Dlink 2 Dir-619, Dir-619 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27287 1 Dlink 2 Dir-619 Ax, Dir-619 Ax Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-27286 1 Dlink 2 Dir-619 Ax, Dir-619 Ax Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.
CVE-2022-26670 1 Dlink 2 Dir-878, Dir-878 Firmware 2024-11-21 8.3 HIGH 8.8 HIGH
D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. An unauthenticated LAN attacker can perform command injection attack to execute arbitrary system commands to control the system or disrupt service.
CVE-2022-26258 1 Dlink 2 Dir-820l, Dir-820l Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
CVE-2022-25106 1 Dlink 4 Dir-859, Dir-859 A3, Dir-859 A3 Firmware and 1 more 2024-11-21 7.1 HIGH 5.5 MEDIUM
D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.
CVE-2022-1262 1 Dlink 20 Dir-1360, Dir-1360 Firmware, Dir-1760 and 17 more 2024-11-21 7.2 HIGH 7.8 HIGH
A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.
CVE-2021-46457 1 Dlink 2 Dir-823 Pro, Dir-823 Pro Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function ChgSambaUserSettings. This vulnerability allows attackers to execute arbitrary commands via the samba_name parameter.