Dir-880l CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-5681	2 D-link, Dlink	20 Dir-817l\(w\) Firmware, Dir-818l\(w\) Firmware, Dir-823 Firmware and 17 more	2025-04-12	9.8 Critical
Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.
CVE-2023-39674	2 D-link, Dlink	3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware	2024-11-21	9.8 Critical
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.
CVE-2023-39671	2 D-link, Dlink	3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware	2024-11-21	9.8 Critical
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.
CVE-2023-39669	2 D-link, Dlink	3 Dir-880l, Dir-880l A1, Dir-880l A1 Firmware	2024-11-21	7.5 High
D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.
CVE-2018-19987	2 D-link, Dlink	13 Dir-818lw Firmware, Dir-822 Firmware, Dir-860l Firmware and 10 more	2024-11-21	N/A
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.

Page 1 of 1.