Filtered by vendor Dlink
Subscriptions
Total
1129 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-7051 | 1 Dlink | 2 Dir-100, Dir-100 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters | ||||
| CVE-2013-5945 | 1 Dlink | 16 Dsr-1000, Dsr-1000 Firmware, Dsr-1000n and 13 more | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua. | ||||
| CVE-2013-4857 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-865L has PHP File Inclusion in the router xml file. | ||||
| CVE-2013-4856 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 6.5 Medium |
| D-Link DIR-865L has Information Disclosure. | ||||
| CVE-2013-4855 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-3096 | 1 Dlink | 2 Dir865l, Dir865l Firmware | 2024-11-21 | 5.9 Medium |
| D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability. | ||||
| CVE-2013-1603 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 5.3 Medium |
| An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. | ||||
| CVE-2013-1602 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | ||||
| CVE-2013-1601 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 5.3 Medium |
| An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-1600 | 1 Dlink | 4 Dcs-2102, Dcs-2102 Firmware, Dcs-2121 and 1 more | 2024-11-21 | 5.3 Medium |
| An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-1599 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface. | ||||
| CVE-2012-6614 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2024-11-21 | 7.2 High |
| D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | ||||
| CVE-2012-6613 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2024-11-21 | 7.2 High |
| D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. | ||||
| CVE-2024-11065 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11064 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11063 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11062 | 1 Dlink | 2 Dsl6740c, Dsl6740c Firmware | 2024-11-15 | 7.2 High |
| The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. | ||||
| CVE-2024-11046 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-13 | 6.3 Medium |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11047 | 2 D-link, Dlink | 3 Di-8003 Firmware, Di-8003, Di-8003 Firmware | 2024-11-13 | 8.8 High |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11048 | 2 D-link, Dlink | 3 Di-8003 Firmware, Di-8003, Di-8003 Firmware | 2024-11-13 | 8.8 High |
| A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||