Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Dlink Subscribe
Total 844 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42999 1 Dlink 2 Dir-816, Dir-816 Firmware 2023-08-08 N/A 7.5 HIGH
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm.
CVE-2022-44801 1 Dlink 2 Dir-878, Dir-878 Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control.
CVE-2022-36526 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2023-08-08 N/A 7.5 HIGH
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin.
CVE-2022-43184 1 Dlink 2 Dir-878, Dir-878 Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.
CVE-2022-36756 1 Dlink 2 Dir-845l, Dir-845l Firmware 2023-08-08 N/A 9.8 CRITICAL
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
CVE-2022-44930 1 Dlink 2 Dhp-w310av, Dhp-w310av Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.
CVE-2022-36755 1 Dlink 2 Dir-845l, Dir-845l Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
CVE-2022-42159 1 Dlink 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more 2023-08-08 N/A 4.3 MEDIUM
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator.
CVE-2022-38258 1 Dlink 2 Dir-819, Dir-819 Firmware 2023-08-08 N/A 8.1 HIGH
A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.
CVE-2022-36524 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2023-08-08 N/A 7.5 HIGH
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh.
CVE-2022-37057 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.
CVE-2022-28895 1 Dlink 2 Dir-882, Dir-882 Firmware 2023-08-08 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-37123 1 Dlink 2 Dir-816, Dir-816 Firmware 2023-08-08 N/A 8.8 HIGH
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.
CVE-2022-37130 1 Dlink 2 Dir-816, Dir-816 Firmware 2023-08-08 N/A 9.8 CRITICAL
In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability
CVE-2022-46476 1 Dlink 2 Dir-859 A1, Dir-859 A1 Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function.
CVE-2022-28896 1 Dlink 2 Dir-882, Dir-882 Firmware 2023-08-08 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-38557 1 Dlink 2 Dir-845l, Dir-845l Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
CVE-2022-26258 1 Dlink 2 Dir-820l, Dir-820l Firmware 2023-08-08 7.5 HIGH 9.8 CRITICAL
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
CVE-2022-28901 1 Dlink 2 Dir-882, Dir-882 Firmware 2023-08-08 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.
CVE-2022-37056 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2023-08-08 N/A 9.8 CRITICAL
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,