← Back

D Link

d-link

112 CVEs • 127 products

Products (127)

Click to collapse
Toggle
Dsl 3782 Firmware
dsl-3782_firmware
7 CVEs
Dir 823g Firmware
dir-823g_firmware
5 CVEs
Dir 822 Firmware
dir-822_firmware
5 CVEs
Di 604
di-604
4 CVEs
Di 614+
di-614+
3 CVEs
Dsl G604t
dsl-g604t
3 CVEs
Dsl G624t
dsl-g624t
3 CVEs
Dir 818l(w) Firmware
dir-818l(w)_firmware
3 CVEs
Dir 615 Firmware
dir-615_firmware
3 CVEs
Dvg N5402sp Firmware
dvg-n5402sp_firmware
3 CVEs
Dnr 326 Firmware
dnr-326_firmware
3 CVEs
Dns 327l Firmware
dns-327l_firmware
3 CVEs
Dir 620 Firmware
dir-620_firmware
3 CVEs
Dcs 825l Firmware
dcs-825l_firmware
3 CVEs
Dir 878 Firmware
dir-878_firmware
3 CVEs
Dl 704
dl-704
2 CVEs
Dwl 1000ap
dwl-1000ap
2 CVEs
Di 804
di-804
2 CVEs
Dwl 900ap+
dwl-900ap+
2 CVEs
Di 784
di-784
2 CVEs
Dph 540
dph-540
2 CVEs
Dph 541
dph-541
2 CVEs
Dap 2253 Firmware
dap_2253_firmware
2 CVEs
Dap 2253
dap_2253
2 CVEs
Dcs 2103 Hd Cube Network Camera Firmware
dcs-2103_hd_cube_network_camera_firmware
2 CVEs
Dir 880l Firmware
dir-880l_firmware
2 CVEs
Dir 600m Firmware
dir-600m_firmware
2 CVEs
Dns 322l Firmware
dns-322l_firmware
2 CVEs
Dns 320l Firmware
dns-320l_firmware
2 CVEs
Dir 130 Firmware
dir-130_firmware
2 CVEs
Dir 330 Firmware
dir-330_firmware
2 CVEs
Dir 816 A2 Firmware
dir-816_a2_firmware
2 CVEs
Dir 550a Firmware
dir-550a_firmware
2 CVEs
Dir 604m Firmware
dir-604m_firmware
2 CVEs
Dir 809 A1 Firmware
dir-809_a1_firmware
2 CVEs
Dir 809 A2 Firmware
dir-809_a2_firmware
2 CVEs
Dir 809 Guestzone Firmware
dir-809_guestzone_firmware
2 CVEs
Dir 619l Firmware
dir-619l_firmware
2 CVEs
Dir 605l Firmware
dir-605l_firmware
2 CVEs
Dir 868l Firmware
dir-868l_firmware
2 CVEs
Dvg G5402sp Firmware
dvg-g5402sp_firmware
2 CVEs
Dp 303
dp-303
1 CVE
Di 624
di-624
1 CVE
Dcs 900 Internet Camera
dcs-900_internet_camera
1 CVE
Di 704p
di-704p
1 CVE
Dsl 502t
dsl-502t
1 CVE
Dsl 504t
dsl-504t
1 CVE
Dsl 562t
dsl-562t
1 CVE
Di 524
di-524
1 CVE
Dwl G700ap
dwl-g700ap
1 CVE
Dsa 3100 Airspot Gateway
dsa-3100_airspot_gateway
1 CVE
Dwl 2100ap
dwl-2100ap
1 CVE
Di 604 Broadband Router
di-604_broadband_router
1 CVE
Ebr 2310 Ethernet Broadband Router
ebr-2310_ethernet_broadband_router
1 CVE
Wbr 1310 Wireless G Router
wbr-1310_wireless_g_router
1 CVE
Wbr 2310 Rangebooster G Router
wbr-2310_rangebooster_g_router
1 CVE
Dwl G132
dwl-g132
1 CVE
Dwl 2000ap+
dwl-2000ap+
1 CVE
Tftp Server
tftp_server
1 CVE
Dir 100
dir-100
1 CVE
Mpeg4 Shm Audio Control
mpeg4_shm_audio_control
1 CVE
Dir 400
dir-400
1 CVE
Dkvm Ip8
dkvm-ip8
1 CVE
Dir 655 Firmware
dir-655_firmware
1 CVE
Dir 655
dir-655
1 CVE
Dir 850l Firmare
dir-850l_firmare
1 CVE
Dir 895l Firmware
dir-895l_firmware
1 CVE
Dir 817l(w) Firmware
dir-817l(w)_firmware
1 CVE
Dir 890l Firmware
dir-890l_firmware
1 CVE
Dir 823 Firmware
dir-823_firmware
1 CVE
Dir 885l Firmware
dir-885l_firmware
1 CVE
Di 524 Firmware
di-524_firmware
1 CVE
Dap 1353 H/w B1 Firmware
dap-1353_h/w_b1_firmware
1 CVE
Dap 2553 H/w A1 Firmware
dap-2553_h/w_a1_firmware
1 CVE
Dap 3520 H/w A1 Firmware
dap-3520_h/w_a1_firmware
1 CVE
Dns 325 Firmware
dns-325_firmware
1 CVE
Dns 345 Firmware
dns-345_firmware
1 CVE
Dns 320b Firmware
dns-320b_firmware
1 CVE
Dns 320lw Firmware
dns-320lw_firmware
1 CVE
Dnr 320l Firmware
dnr-320l_firmware
1 CVE
Dir 600l Firmware
dir-600l_firmware
1 CVE
Dcs 936l
dcs-936l
1 CVE
Dsl 2540u Firmware
dsl-2540u_firmware
1 CVE
Dsl 2640u Firmware
dsl-2640u_firmware
1 CVE
Dir 600m C1 Firmware
dir-600m_c1_firmware
1 CVE
Mydlink+
mydlink+
1 CVE
Dir 615 T1 Firmware
dir-615_t1_firmware
1 CVE
Dir 629 B Firmware
dir-629-b_firmware
1 CVE
Dir 885l/r Firmware
dir-885l/r_firmware
1 CVE
Dir 895l/r Firmware
dir-895l/r_firmware
1 CVE
Dir 846 Firmware
dir-846_firmware
1 CVE
Dsl 2640t Firmware
dsl-2640t_firmware
1 CVE
Dcs 936l Firmware
dcs-936l_firmware
1 CVE
Dcs 8000lh Firmware
dcs-8000lh_firmware
1 CVE
Dcs 942lb1 Firmware
dcs-942lb1_firmware
1 CVE
Dcs 5222l Firmware
dcs-5222l_firmware
1 CVE
Dcs 2630l Firmware
dcs-2630l_firmware
1 CVE
Dcs 820l Firmware
dcs-820l_firmware
1 CVE
Dcs 855l Firmware
dcs-855l_firmware
1 CVE
Dcs 2121 Firmware
dcs-2121_firmware
1 CVE

CVEs (112)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-3347
1D Link
1Dir 400
Apr 23, 2026
Sep 24, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE...Show more
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.Show less
CVE-2008-4771
34xem
D LinkVivotek
3Mpeg4 Shm Audio Control
Rtsp Mpeg4 Sp ControlVatctrl Class
Apr 23, 2026
Oct 28, 2008
N/A· v4
N/A· v3
9.3 HIGH· v2
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 S...Show more
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.Show less
CVE-2008-4133
1D Link
1Dir 100
Apr 23, 2026
Sep 19, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
CVE-2008-1258
1D Link
1Di 604
Apr 23, 2026
Mar 10, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter.
CVE-2008-1253
1D Link
1Dsl G604t
Apr 23, 2026
Mar 10, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for adv...Show more
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page.Show less
CVE-2007-3348
1D Link
2Dph 540
Dph 541
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
CVE-2007-3347
1D Link
2Dph 540
Dph 541
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by commu...Show more
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.Show less
CVE-2007-1435
1D Link
1Tftp Server
Apr 23, 2026
Mar 13, 2007
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is...Show more
Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2006-6538
1D Link
1Dwl 2000ap+
Apr 23, 2026
Dec 14, 2006
N/A· v4
N/A· v3
7.8 HIGH· v2
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a f...Show more
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link.Show less
CVE-2006-6055
1D Link
1Dwl G132
Apr 23, 2026
Nov 22, 2006
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
CVE-2006-5538
1D Link
1Dsl G624t
Apr 23, 2026
Oct 26, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request.
CVE-2006-5537
1D Link
1Dsl G624t
Apr 23, 2026
Oct 26, 2006
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or...Show more
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters.Show less
CVE-2006-5536
1D Link
1Dsl G624t
Apr 23, 2026
Oct 26, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
CVE-2006-3687
2D Link
Dlink
7Di 524
Di 604 Broadband RouterDi 624+4 more
Apr 16, 2026
Jul 21, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Etherne...Show more
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.Show less
CVE-2006-2901
1D Link
1Dwl 2100ap
Apr 16, 2026
Jun 7, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration...Show more
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.Show less
CVE-2006-2653
1D Link
1Dsa 3100 Airspot Gateway
Apr 16, 2026
May 30, 2006
N/A· v4
N/A· v3
2.6 LOW· v2
Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter.
CVE-2006-2337
1D Link
1Dsl G604t
Apr 16, 2026
May 12, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter.
CVE-2006-0784
1D Link
1Dwl G700ap
Apr 16, 2026
Feb 19, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the...Show more
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.Show less
CVE-2005-4723
2D Link
Dlink
4Di 524
Di 524Di 624+1 more
Apr 16, 2026
Dec 31, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment.
CVE-2005-1680
1D Link
4Dsl 502t
Dsl 504tDsl 562t+1 more
Apr 16, 2026
May 20, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request...Show more
D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address.Show less