Filtered by vendor Dlink
Subscribe
Total
1538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-13188 | 1 Dlink | 2 Dir-816l, Dir-816l Firmware | 2025-11-20 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-13189 | 1 Dlink | 2 Dir-816l, Dir-816l Firmware | 2025-11-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-13190 | 1 Dlink | 2 Dir-816l, Dir-816l Firmware | 2025-11-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-11338 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-11335 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 5.8 MEDIUM | 4.7 MEDIUM |
| A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-11339 | 1 Dlink | 2 Di-7100g C1, Di-7100g C1 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-11407 | 1 Dlink | 2 Di-7001mini-8g, Di-7001mini-8g Firmware | 2025-11-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-11408 | 1 Dlink | 2 Di-7001mini-8g, Di-7001mini-8g Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-13191 | 1 Dlink | 2 Dir-816l, Dir-816l Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-60675 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-11-17 | N/A | 5.4 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenated into command strings and executed via system() without any sanitization. An attacker with write access to /tmp/new_qos.rule can execute arbitrary commands on the device. | |||||
| CVE-2025-60671 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-11-17 | N/A | 5.4 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /var/system/linux_vlan_reinit file. The vulnerability occurs because content read from this file is only partially validated for a prefix and then formatted using vsnprintf() before being executed with system(), allowing an attacker with write access to /var/system/linux_vlan_reinit to execute arbitrary commands on the device. | |||||
| CVE-2025-60674 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-11-17 | N/A | 6.8 MEDIUM |
| A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The vulnerability occurs when the "Serial Number" field from a USB device is read via sscanf into a 64-byte stack buffer, while fgets reads up to 127 bytes, causing a stack overflow. An attacker with physical access or control over a USB device can exploit this vulnerability to potentially execute arbitrary code on the device. | |||||
| CVE-2025-60672 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to construct system commands executed via twsystem(). An attacker can exploit this vulnerability remotely without authentication by sending a specially crafted HTTP request, leading to arbitrary command execution on the device. | |||||
| CVE-2025-60673 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands executed via twsystem(). An attacker can exploit this vulnerability remotely without authentication by sending a specially crafted HTTP request, leading to arbitrary command execution on the device. | |||||
| CVE-2025-60676 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed via system(). An attacker can exploit this vulnerability remotely without authentication by sending a specially crafted HTTP request, leading to arbitrary command execution on the device. | |||||
| CVE-2025-60679 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-11-17 | N/A | 8.8 HIGH |
| A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. The vulnerability occurs because /proc/version is read into a 512-byte buffer and then concatenated using sprintf() into another 512-byte buffer containing a 29-byte constant. Input exceeding 481 bytes triggers a stack buffer overflow, allowing an attacker who can control /proc/version content to potentially execute arbitrary code on the device. | |||||
| CVE-2025-60697 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-11-17 | N/A | 7.3 HIGH |
| A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_4438A4` function in `prog.cgi` stores user-supplied DDNS parameters (`ServerAddress` and `Hostname`) in NVRAM via `nvram_safe_set`. These values are later retrieved in the `start_DDNS_ipv4` function of `rc` using `nvram_safe_get` and concatenated into DDNS shell commands executed via `twsystem()` without proper sanitization. Partial string comparison is performed but is insufficient to prevent command injection. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. | |||||
| CVE-2025-60698 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-11-17 | N/A | 7.3 HIGH |
| A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_432F60` function in `prog.cgi` stores user-supplied `SetSysLogSettings/IPAddress` values in NVRAM via `nvram_safe_set("SysLogRemote_IPAddress", ...)`. These values are later retrieved in the `sub_448DCC` function of `rc` using `nvram_safe_get` and concatenated into a shell command executed via `twsystem()` without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. | |||||
| CVE-2025-60700 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `librcm.so` binaries. The `sub_4455BC` function in `prog.cgi` stores user-supplied `SetDMZSettings/IPAddress` values in NVRAM via `nvram_safe_set("dmz_ipaddr", ...)`. These values are later retrieved in the `DMZ_run` function of `librcm.so` using `nvram_safe_get` and concatenated into `iptables` shell commands executed via `twsystem()` without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. | |||||
| CVE-2025-60701 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-11-17 | N/A | 6.5 MEDIUM |
| A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_433188` function in `prog.cgi` stores user-supplied email configuration parameters (`EmailFrom`, `EmailTo`, `SMTPServerAddress`, `SMTPServerPort`, `AccountName`) in NVRAM via `nvram_safe_set`. These values are later retrieved in the `sub_448FDC` function of `rc` using `nvram_safe_get` and concatenated into shell commands executed via `twsystem()` without sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. | |||||