← Back

Dsl 2680 Firmware

dsl-2680_firmware

Vendor: Dlink • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-19226
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POS...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface.Show less
CVE-2019-19225
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a cra...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request.Show less
CVE-2019-19224
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request witho...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface.Show less
CVE-2019-19223
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface.Show less
CVE-2019-19222
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted F...Show more
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request.Show less