Filtered by vendor Dlink
Subscribe
Total
1288 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-57677 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | N/A | 6.5 MEDIUM |
| An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request. | |||||
| CVE-2024-57676 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | N/A | 6.5 MEDIUM |
| An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request. | |||||
| CVE-2024-13102 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13103 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13104 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13105 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13106 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13107 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13108 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-25741 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-05-02 | N/A | 5.4 MEDIUM |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the IPv6_PppoePassword parameter in the SetIPv6PppoeSettings module. | |||||
| CVE-2025-25740 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-05-02 | N/A | 5.5 MEDIUM |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the PSK parameter in the SetQuickVPNSettings module. | |||||
| CVE-2025-25745 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-05-02 | N/A | 8.8 HIGH |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetQuickVPNSettings module. | |||||
| CVE-2025-25891 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01, triggered by the destination, netmask and gateway parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2025-25892 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01 via the sstartip, sendip, dstartip, and dendip parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2025-25893 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 8.0 HIGH |
| An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the inIP, insPort, inePort, exsPort, exePort, and protocol parameters. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet. | |||||
| CVE-2025-25894 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 8.0 HIGH |
| An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the samba_wg and samba_nbn parameters. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet. | |||||
| CVE-2025-25895 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 8.0 HIGH |
| An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type parameter. This vulnerability allows attackers to execute arbitrary operating system (OS) commands via a crafted packet. | |||||
| CVE-2025-25896 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01 via the destination, netmask, and gateway parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | |||||
| CVE-2025-29041 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-05-01 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c | |||||
| CVE-2025-29040 | 1 Dlink | 2 Dir-823x, Dir-823x Firmware | 2025-05-01 | N/A | 9.8 CRITICAL |
| An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c | |||||