Filtered by vendor Dlink
Subscriptions
Total
942 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28896 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | ||||
| CVE-2022-28895 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload. | ||||
| CVE-2022-28573 | 1 Dlink | 2 Dir-823 Pro, Dir-823 Pro Firmware | 2024-08-03 | 9.8 Critical |
| D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers to execute arbitrary commands via the system_time_timezone parameter. | ||||
| CVE-2022-28571 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2024-08-03 | 9.8 Critical |
| D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr/bin/cli. | ||||
| CVE-2022-27292 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter. | ||||
| CVE-2022-27286 | 1 Dlink | 2 Dir-619 Ax, Dir-619 Ax Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27293 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-27289 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27290 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27295 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-27288 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27287 | 1 Dlink | 2 Dir-619 Ax, Dir-619 Ax Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27291 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter. | ||||
| CVE-2022-27294 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-26258 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2024-08-03 | 9.8 Critical |
| D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | ||||
| CVE-2022-25106 | 1 Dlink | 4 Dir-859, Dir-859 A3, Dir-859 A3 Firmware and 1 more | 2024-08-03 | 5.5 Medium |
| D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2022-3210 | 1 Dlink | 2 Dir-2150, Dir-2150 Firmware | 2024-08-03 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP port 4044 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15905. | ||||
| CVE-2022-1262 | 1 Dlink | 20 Dir-1360, Dir-1360 Firmware, Dir-1760 and 17 more | 2024-08-02 | 7.8 High |
| A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root. | ||||
| CVE-2023-51987 | 1 Dlink | 2 Dir-822, Dir-822 Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | ||||
| CVE-2023-51984 | 1 Dlink | 2 Dir-822, Dir-822 Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell. | ||||