Total
38 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10405 | 2 D-link, Dlink | 2 Dir-600l Firmware, Dir-600l | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2026-42374 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2026-05-06 | N/A | 9.8 CRITICAL |
| D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | |||||
| CVE-2026-42375 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2026-05-06 | N/A | 9.8 CRITICAL |
| D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | |||||
| CVE-2014-8361 | 3 Aterm, Dlink, Realtek | 51 W1200ex, W1200ex-ms, W1200ex-ms Firmware and 48 more | 2026-04-22 | 10.0 HIGH | 9.8 CRITICAL |
| The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | |||||
| CVE-2025-60566 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter. | |||||
| CVE-2025-60568 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvFirewall. | |||||
| CVE-2025-60569 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetRoute. | |||||
| CVE-2025-60570 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLogDnsquery. | |||||
| CVE-2025-60571 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS. | |||||
| CVE-2025-60572 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork. | |||||
| CVE-2025-60547 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard7. | |||||
| CVE-2025-60548 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings. | |||||
| CVE-2025-60549 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4. | |||||
| CVE-2025-60550 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone. | |||||
| CVE-2025-60551 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page parameter in the function formDeviceReboot. | |||||
| CVE-2025-60553 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard52. | |||||
| CVE-2025-60552 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formTcpipSetup. | |||||
| CVE-2025-60557 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEasy_Wizard. | |||||
| CVE-2025-60554 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEnableWizard. | |||||
| CVE-2025-60555 | 1 Dlink | 2 Dir-600l, Dir-600l Firmware | 2025-10-28 | N/A | 7.5 HIGH |
| D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizardSelectMode. | |||||