Dlink

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-44808 1Dlink 1Dir 823g Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Befo...Show more A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.Show less
CVE-2022-44807 1Dlink 1Dir 882 Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.
CVE-2022-44806 1Dlink 1Dir 882 Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.
CVE-2022-44804 1Dlink 1Dir 882 Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.
CVE-2022-44801 1Dlink 1Dir 878 Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.
CVE-2022-44202 1Dlink 1Dir 878 Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.
CVE-2022-44201 1Dlink 1Dir 823g Firmware Jun 17, 2026 Nov 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR823G 1.02B05 is vulnerable to Commad Injection.
CVE-2022-44204 1Dlink 1Dir 3060 Firmware Jun 17, 2026 Nov 18, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.
CVE-2022-36786 1Dlink 1Dsl 224 Firmware Jun 17, 2026 Nov 17, 2022 N/A· v4 9.9 CRITICAL· v3 N/A· v2 DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will...Show more DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router. Show less
CVE-2022-36785 1Dlink 1G Integrated Access Device4 Firmware Jun 17, 2026 Nov 17, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. The window.location.href = http://192.168.1.1/...Show more D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. The window.location.href = http://192.168.1.1/setupWizard.asp" http://192.168.1.1/setupWizard.asp" ; "admin" – contains default username value "login.asp" B. While accessing the web interface, the login form at *Authorization Bypass – URL by "setupWizard.asp' while it blocks direct access to – the web interface does not properly validate user identity variables values located at the client side, it is available to access it without a "login_glag" and "login_status" checking browser and to read the admin user credentials for the web interface. Show less
CVE-2022-43109 1Dlink 1Dir 823g Firmware Jun 17, 2026 Nov 3, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.
CVE-2020-21016 1Dlink 1Dir 846 Firmware Jun 17, 2026 Oct 31, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
CVE-2022-43003 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function.
CVE-2022-43002 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.
CVE-2022-43001 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function.
CVE-2022-43000 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4.
CVE-2022-42999 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.
CVE-2022-42998 1Dlink 1Dir 816 Firmware Jun 17, 2026 Oct 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd.
CVE-2022-43184 1Dlink 1Dir 878 Firmware Jun 17, 2026 Oct 19, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.
CVE-2016-20017 1Dlink 1Dsl 2750b Firmware Nov 5, 2025 Oct 19, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.

Previous 1...575859...86 Next