Filtered by vendor Dlink
Subscriptions
Total
1034 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39750 | 2 D-link, Dlink | 3 Dap-2660, Dap-2660, Dap-2660 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request. | ||||
| CVE-2023-39749 | 2 D-link, Dlink | 3 Dap-2660, Dap-2660, Dap-2660 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request. | ||||
| CVE-2023-39674 | 2 D-link, Dlink | 3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. | ||||
| CVE-2023-39671 | 2 D-link, Dlink | 3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. | ||||
| CVE-2023-39669 | 2 D-link, Dlink | 3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824. | ||||
| CVE-2023-39668 | 2 D-link, Dlink | 3 Dir-868l, Dir-868l, Dir-868l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function. | ||||
| CVE-2023-39667 | 1 Dlink | 2 Dir-868l, Dir-868l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function. | ||||
| CVE-2023-39666 | 2 D-link, Dlink | 3 Dir-842, Dir-842, Dir-842 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. | ||||
| CVE-2023-39665 | 2 D-link, Dlink | 3 Dir-868l, Dir-868l, Dir-868l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter. | ||||
| CVE-2023-39638 | 2 D-link, Dlink | 3 Dir-859 A1, Dir-859 A1, Dir-859 A1 Firmware | 2024-11-21 | 9.8 Critical |
| D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin. | ||||
| CVE-2023-39637 | 2 D-link, Dlink | 3 Dir-816 A2, Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. | ||||
| CVE-2023-37791 | 2 D-link, Dlink | 3 Dir-619l, Dir-619l, Dir-619l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. | ||||
| CVE-2023-37758 | 2 D-link, Dlink | 3 Dir-815, Dir-815, Dir-815 Firmware | 2024-11-21 | 7.5 High |
| D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. | ||||
| CVE-2023-37326 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20103. | ||||
| CVE-2023-37324 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20102. | ||||
| CVE-2023-37322 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20100. | ||||
| CVE-2023-37321 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set SSID List RADIUS Secret Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20099. | ||||
| CVE-2023-37320 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20098. | ||||
| CVE-2023-37319 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20097. | ||||
| CVE-2023-37316 | 1 Dlink | 1 Dap 2622 Firmware | 2024-11-21 | N/A |
| D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-20094. | ||||