← Back

Dlink

dlink

1,706 CVEs • 918 products

Products (918)

Click to collapse
Toggle
Dir 816 Firmware
dir-816_firmware
73 CVEs
Dir 605l Firmware
dir-605l_firmware
65 CVEs
Dir 619l Firmware
dir-619l_firmware
65 CVEs
Dir 823g Firmware
dir-823g_firmware
58 CVEs
Dap 2622 Firmware
dap-2622_firmware
54 CVEs
Dns 320 Firmware
dns-320_firmware
52 CVEs
Dir 513 Firmware
dir-513_firmware
47 CVEs
Dns 320lw Firmware
dns-320lw_firmware
45 CVEs
Dns 325 Firmware
dns-325_firmware
45 CVEs
Dns 340l Firmware
dns-340l_firmware
45 CVEs
Dns 343 Firmware
dns-343_firmware
43 CVEs
Dns 320l Firmware
dns-320l_firmware
42 CVEs
Dns 120 Firmware
dns-120_firmware
42 CVEs
Dnr 202l Firmware
dnr-202l_firmware
42 CVEs
Dns 315l Firmware
dns-315l_firmware
42 CVEs
Dns 321 Firmware
dns-321_firmware
42 CVEs
Dns 323 Firmware
dns-323_firmware
42 CVEs
Dns 326 Firmware
dns-326_firmware
42 CVEs
Dns 327l Firmware
dns-327l_firmware
42 CVEs
Dnr 326 Firmware
dnr-326_firmware
42 CVEs
Dns 345 Firmware
dns-345_firmware
42 CVEs
Dns 726 4 Firmware
dns-726-4_firmware
42 CVEs
Dns 1100 4 Firmware
dns-1100-4_firmware
42 CVEs
Dns 1200 05 Firmware
dns-1200-05_firmware
42 CVEs
Dns 1550 04 Firmware
dns-1550-04_firmware
42 CVEs
Dir 878 Firmware
dir-878_firmware
41 CVEs
Dir 823x Firmware
dir-823x_firmware
39 CVEs
Dap 1325 Firmware
dap-1325_firmware
37 CVEs
Dir 600l Firmware
dir-600l_firmware
36 CVEs
Di 8003 Firmware
di-8003_firmware
35 CVEs
Dir 882 Firmware
dir-882_firmware
31 CVEs
Dir 850l Firmware
dir-850l_firmware
27 CVEs
Di 8100 Firmware
di-8100_firmware
27 CVEs
Dir 3040 Firmware
dir-3040_firmware
25 CVEs
Dar 7000 Firmware
dar-7000_firmware
23 CVEs
Dir X3260 Firmware
dir-x3260_firmware
23 CVEs
Dwr M960 Firmware
dwr-m960_firmware
22 CVEs
Dns 322l Firmware
dns-322l_firmware
22 CVEs
Dnr 322l Firmware
dnr-322l_firmware
21 CVEs
Di 7003g Firmware
di-7003g_firmware
21 CVEs
G416 Firmware
g416_firmware
21 CVEs
Dir 868l Firmware
dir-868l_firmware
20 CVEs
Dir 825 Firmware
dir-825_firmware
19 CVEs
Dir 615 Firmware
dir-615_firmware
19 CVEs
D View 8
d-view_8
19 CVEs
Dcs 1130 Firmware
dcs-1130_firmware
18 CVEs
Dap 2020 Firmware
dap-2020_firmware
18 CVEs
Dsl 3782 Firmware
dsl-3782_firmware
17 CVEs
Dir 2150 Firmware
dir-2150_firmware
17 CVEs
Dap 1360 Firmware
dap-1360_firmware
16 CVEs
Dir 822 Firmware
dir-822_firmware
16 CVEs
Dir 865l Firmware
dir-865l_firmware
16 CVEs
Dwr M920 Firmware
dwr-m920_firmware
16 CVEs
Dir 816l Firmware
dir-816l_firmware
15 CVEs
Dir 820l Firmware
dir-820l_firmware
15 CVEs
Dir 815 Firmware
dir-815_firmware
15 CVEs
Go Rt Ac750 Firmware
go-rt-ac750_firmware
15 CVEs
Dir 1935 Firmware
dir-1935_firmware
15 CVEs
Di 7200g Firmware
di-7200g_firmware
15 CVEs
Dcs 932l Firmware
dcs-932l_firmware
14 CVEs
Dir 816 A2 Firmware
dir-816_a2_firmware
13 CVEs
Dir 846 Firmware
dir-846_firmware
13 CVEs
Di 7300g+ Firmware
di-7300g+_firmware
13 CVEs
Dir 645 Firmware
dir-645_firmware
12 CVEs
Dcs 1100 Firmware
dcs-1100_firmware
12 CVEs
Di 7400g+ Firmware
di-7400g+_firmware
12 CVEs
Dsr 250n Firmware
dsr-250n_firmware
11 CVEs
Dap 2695 Firmware
dap-2695_firmware
11 CVEs
Central Wifimanager
central_wifimanager
11 CVEs
Di 7100g+ Firmware
di-7100g+_firmware
11 CVEs
Dir 600 Firmware
dir-600_firmware
10 CVEs
Dwr 932b Firmware
dwr-932b_firmware
10 CVEs
Dir 860l Firmware
dir-860l_firmware
10 CVEs
Dir 890l Firmware
dir-890l_firmware
10 CVEs
Dsl 7740c Firmware
dsl-7740c_firmware
10 CVEs
Dir 882 A1 Firmware
dir-882_a1_firmware
10 CVEs
Dsr 250 Firmware
dsr-250_firmware
9 CVEs
Dsr 1000n Firmware
dsr-1000n_firmware
9 CVEs
Dir 809 Firmware
dir-809_firmware
9 CVEs
Dir 880l Firmware
dir-880l_firmware
9 CVEs
Dir 2640 Firmware
dir-2640_firmware
9 CVEs
Dir 845l Firmware
dir-845l_firmware
9 CVEs
Dsr 500 Firmware
dsr-500_firmware
8 CVEs
Dsr 150n Firmware
dsr-150n_firmware
8 CVEs
Dsr 150 Firmware
dsr-150_firmware
8 CVEs
Dsr 500n Firmware
dsr-500n_firmware
8 CVEs
Dir 818l(w) Firmware
dir-818l(w)_firmware
8 CVEs
Dir 300 Firmware
dir-300_firmware
8 CVEs
Dir 859 Firmware
dir-859_firmware
8 CVEs
Di 7200gv2 Firmware
di-7200gv2_firmware
8 CVEs
Dir 823 Pro Firmware
dir-823_pro_firmware
8 CVEs
Dir 619 Firmware
dir-619_firmware
8 CVEs
Dar 8000 Firmware
dar-8000_firmware
8 CVEs
Dir 853 Firmware
dir-853_firmware
8 CVEs
Dir 618 Firmware
dir-618_firmware
8 CVEs
Dcs 2121 Firmware
dcs-2121_firmware
7 CVEs
Dsr 1000 Firmware
dsr-1000_firmware
7 CVEs
Dap 2660 Firmware
dap-2660_firmware
7 CVEs
Dsl 2750u Firmware
dsl-2750u_firmware
7 CVEs
6600 Ap Firmware
6600-ap_firmware
7 CVEs

CVEs (1,706)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-11021
1Dlink
1Dcs 930l Firmware
Nov 5, 2025
Mar 9, 2020
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
CVE-2020-10216
2Dlink
Trendnet
2Dir 825 Firmware
Tew 632brp Firmware
Jun 17, 2026
Mar 7, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affec...Show more
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.Show less
CVE-2020-10215
2Dlink
Trendnet
2Dir 825 Firmware
Tew 632brp Firmware
Jun 17, 2026
Mar 7, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is al...Show more
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.Show less
CVE-2020-10214
1Dlink
1Dir 825 Firmware
Jun 17, 2026
Mar 7, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a suffic...Show more
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.Show less
CVE-2020-10213
2Dlink
Trendnet
2Dir 825 Firmware
Tew 632brp Firmware
Jun 17, 2026
Mar 7, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632B...Show more
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.Show less
CVE-2019-20501
1Dlink
1Dwl 2600ap Firmware
Jun 17, 2026
Mar 5, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade fi...Show more
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter.Show less
CVE-2019-20500
1Dlink
1Dwl 2600ap Firmware
Jun 17, 2026
Mar 5, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_s...Show more
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.Show less
CVE-2019-20499
1Dlink
1Dwl 2600ap Firmware
Jun 17, 2026
Mar 5, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=confi...Show more
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.Show less
CVE-2019-19226
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POS...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface.Show less
CVE-2019-19225
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a cra...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request.Show less
CVE-2019-19224
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request witho...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface.Show less
CVE-2019-19223
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on...Show more
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface.Show less
CVE-2019-19222
1Dlink
1Dsl 2680 Firmware
Jun 17, 2026
Mar 4, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted F...Show more
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request.Show less
CVE-2020-9535
1Dlink
1Dir 615jx10 Firmware
Jun 17, 2026
Mar 2, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed.
CVE-2020-9534
1Dlink
1Dir 615jx10 Firmware
Jun 17, 2026
Mar 2, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when f_radius_ip1 is malformed.
CVE-2020-8862
1Dlink
1Dap 2610 Firmware
Jun 17, 2026
Feb 22, 2020
N/A· v4
8.8 HIGH· v3
8.3 HIGH· v2
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The sp...Show more
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the lack of proper password checking. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-10082.Show less
CVE-2020-8861
1Dlink
1Dap 1330 Firmware
Jun 17, 2026
Feb 22, 2020
N/A· v4
8.8 HIGH· v3
8.3 HIGH· v2
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability....Show more
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of cookies. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9554.Show less
CVE-2020-6842
1Dlink
1Dch M225 Firmware
Jun 17, 2026
Feb 21, 2020
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.
CVE-2020-6841
1Dlink
1Dch M225 Firmware
Jun 17, 2026
Feb 21, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.
CVE-2012-6614
1Dlink
1Dsr 250n Firmware
Nov 21, 2024
Feb 19, 2020
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password.