← Back

Dlink

dlink

1,707 CVEs • 918 products

Products (918)

Click to collapse
Toggle
G416 Firmware
g416_firmware
D View 8
d-view_8

CVEs (1,707)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Dlink
1Dir 605 Firmware
Jun 17, 2026
Dec 18, 2025
7.3 HIGH· v4
7.2 HIGH· v3
8.3 HIGH· v2
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can...Show more
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less
1Dlink
1Dap 1325 Firmware
Jun 17, 2026
Dec 16, 2025
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-...Show more
D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-bin/ExportSettings.sh endpoint to retrieve sensitive configuration information by directly accessing the export settings script.Show less
1Dlink
2Dir 860l B1 Firmware
Dir 868l B1 Firmware
Jun 17, 2026
Dec 14, 2025
7.4 HIGH· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is...Show more
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.Show less
1Dlink
1Dir 803 Firmware
Jun 17, 2026
Dec 11, 2025
5.5 MEDIUM· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZED_GROUP results in info...Show more
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZED_GROUP results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less
1Dlink
1Dcs 930l Firmware
Jun 17, 2026
Dec 8, 2025
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection....Show more
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.Show less
1Dlink
1Dir 823x Firmware
Jun 17, 2026
Dec 8, 2025
2.1 LOW· v4
6.3 MEDIUM· v3
6.5 MEDIUM· v2
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub_415028 of the file /goform/set_wan_settings. The manipulation of the argument ppp_username results in command injection...Show more
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub_415028 of the file /goform/set_wan_settings. The manipulation of the argument ppp_username results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.Show less
1Dlink
1R15 Firmware
Jun 17, 2026
Dec 2, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command inject...Show more
A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.Show less
1Dlink
1Dir 852 Firmware
Jun 17, 2026
Nov 23, 2025
5.5 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed re...Show more
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less
1Dlink
1Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible t...Show more
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.Show less
1Dlink
2Dir 822k Firmware
Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url r...Show more
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.Show less
1Dlink
2Dir 822k Firmware
Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url l...Show more
A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.Show less
1Dlink
2Dir 822k Firmware
Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lea...Show more
A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.Show less
1Dlink
1Dir 822k Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was found in D-Link DIR-822K 1.00. This issue affects the function sub_455524 of the file /boafrm/formNtp. Performing manipulation of the argument submit-url results in buffer overflow. Remote exploitatio...Show more
A vulnerability was found in D-Link DIR-822K 1.00. This issue affects the function sub_455524 of the file /boafrm/formNtp. Performing manipulation of the argument submit-url results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.Show less
1Dlink
2Dir 822k Firmware
Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This vulnerability affects unknown code of the file /boafrm/formFirewallAdv. Such manipulation of the argument submit-url leads t...Show more
A vulnerability has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This vulnerability affects unknown code of the file /boafrm/formFirewallAdv. Such manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
1Dlink
2Dir 822k Firmware
Dwr M920 Firmware
Jun 17, 2026
Nov 23, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A flaw has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This affects an unknown part of the file /boafrm/formDdns. This manipulation of the argument submit-url causes memory corruption. The atta...Show more
A flaw has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This affects an unknown part of the file /boafrm/formDdns. This manipulation of the argument submit-url causes memory corruption. The attack may be initiated remotely. The exploit has been published and may be used.Show less
1Dlink
1Dir 868l Firmware
Jun 17, 2026
Nov 19, 2025
N/A· v4
7.3 HIGH· v3
N/A· v2
D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthen...Show more
D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command.Show less
1Dlink
4Dir 822k Firmware
Dir 825m FirmwareDwr M920 Firmware+1 more
Jun 17, 2026
Nov 18, 2025
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host lead...Show more
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.Show less
1Dlink
5Dir 825m Firmware
Dwr M920 FirmwareDwr M921 Firmware+2 more
Jun 17, 2026
Nov 17, 2025
7.4 HIGH· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of...Show more
A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.Show less
1Dlink
5Dir 825m Firmware
Dwr M920 FirmwareDwr M921 Firmware+2 more
Jun 17, 2026
Nov 17, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation...Show more
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.Show less
1Dlink
1Dir 816l Firmware
Jun 17, 2026
Nov 15, 2025
7.4 HIGH· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the at...Show more
A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.Show less