Filtered by vendor Dlink
Subscriptions
Total
1581 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12296 | 2 D-link, Dlink | 3 Dap-2695, Dap-2695, Dap-2695 Firmware | 2025-11-03 | 4.7 Medium |
| A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-12295 | 2 D-link, Dlink | 3 Dap-2695, Dap-2695, Dap-2695 Firmware | 2025-11-03 | 6.6 Medium |
| A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub_40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-11665 | 2 D-link, Dlink | 3 Dap-2695, Dap-2695, Dap-2695 Firmware | 2025-11-03 | 4.7 Medium |
| A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdater_main of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2022-26258 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2025-11-03 | 9.8 Critical |
| D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | ||||
| CVE-2024-0769 | 1 Dlink | 2 Dir-859, Dir-859 Firmware | 2025-10-30 | 5.3 Medium |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251666 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. | ||||
| CVE-2024-3273 | 1 Dlink | 40 Dnr-202l, Dnr-202l Firmware, Dnr-322l and 37 more | 2025-10-30 | 7.3 High |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. | ||||
| CVE-2024-3272 | 1 Dlink | 40 Dnr-202l, Dnr-202l Firmware, Dnr-322l and 37 more | 2025-10-30 | 9.8 Critical |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. | ||||
| CVE-2025-61577 | 2 D-link, Dlink | 3 Dir-816a2, Dir-816, Dir-816 Firmware | 2025-10-29 | 7.5 High |
| D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-60566 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter. | ||||
| CVE-2025-60568 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvFirewall. | ||||
| CVE-2025-60569 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetRoute. | ||||
| CVE-2025-60570 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLogDnsquery. | ||||
| CVE-2025-60571 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS. | ||||
| CVE-2025-60572 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork. | ||||
| CVE-2025-60547 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard7. | ||||
| CVE-2025-60548 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 9.8 Critical |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings. | ||||
| CVE-2025-60549 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4. | ||||
| CVE-2025-60550 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone. | ||||
| CVE-2025-60551 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 7.5 High |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page parameter in the function formDeviceReboot. | ||||
| CVE-2025-60553 | 2 D-link, Dlink | 3 Dir-600l, Dir-600l, Dir-600l Firmware | 2025-10-28 | 9.8 Critical |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard52. | ||||