Filtered by vendor D-link
Subscribe
Total
113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12103 | 2 D-link, Dlink | 6 Dir-885\/r, Dir-885l\/r Firmware, Dir-895\/r and 3 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 and earlier, DIR-885L/R with firmware 1.21B03beta01 and earlier, and DIR-895L/R with firmware 1.21B04beta04 and earlier devices (all hardware revisions). Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point. | |||||
| CVE-2018-11013 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header. | |||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | |||||
| CVE-2018-10968 | 2 D-link, Dlink | 4 Dir-550a Firmware, Dir-604m Firmware, Dir-550a and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability. | |||||
| CVE-2018-10967 | 2 D-link, Dlink | 4 Dir-550a Firmware, Dir-604m Firmware, Dir-550a and 1 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution. | |||||
| CVE-2018-10750 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'staticGet <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10749 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'commit <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10748 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'show <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10747 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'unset <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10746 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'get <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10713 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'read' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'read <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10431 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | |||||
| CVE-2018-10110 | 2 D-link, Dlink | 2 Dir-615 T1 Firmware, Dir-615 T1 | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| D-Link DIR-615 T1 devices allow XSS via the Add User feature. | |||||
| CVE-2017-9542 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device. | |||||
| CVE-2017-7851 | 2 D-link, Dlink | 2 Dcs-936l, Dcs-936l | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substring of the HTTP Referer header. | |||||
| CVE-2017-7398 | 2 D-link, Dlink | 2 Dir-615 Firmware, Dir-615 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option from WPA2 to None, or changing the hiddenSSID parameter, SSID parameter, or a security-option password. | |||||
| CVE-2017-5874 | 2 D-link, Dlink | 2 Dir-600m Firmware, Dir-600m | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact. | |||||
| CVE-2017-5633 | 2 D-link, Dlink | 2 Di-524 Firmware, Di-524 | 2024-11-21 | 8.5 HIGH | 8.0 HIGH |
| Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. | |||||
| CVE-2017-3192 | 2 D-link, Dlink | 4 Dir-130 Firmware, Dir-330 Firmware, Dir-130 and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page (potentially through a authentication bypass such as CVE-2017-3191) may obtain administrator credentials for the device. | |||||
| CVE-2017-3191 | 2 D-link, Dlink | 4 Dir-130 Firmware, Dir-330 Firmware, Dir-130 and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some administrator-only pages such as tools_admin.asp without credentials. | |||||