Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-44083
CRITICAL CVSS 9.8
Find Similar
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication
CVE-2024-45698
CRITICAL CVSS 9.8
Find Similar
Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inje
Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack.
CVE-2025-41273
CRITICAL CVSS 9.3
Find Similar
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows
Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the devic
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack ca
CVE-2025-59367
CRITICAL CVSS 9.3
Find Similar
An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update
An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 through 6.2.16, FortiOS 6.0 all versions, FortiPAM 1.2.0, Fo
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's d
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 function.
Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-
CVE-2025-29515
CRITICAL CVSS 9.8
Find Similar
Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, incl
CVE-2024-45697
CRITICAL CVSS 9.8
Find Similar
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS comma
CVE-2024-41616
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
CVE-2024-41611
CRITICAL CVSS 9.8
Find Similar
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function.
CVE-2025-29514
CRITICAL CVSS 9.8
Find Similar
Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request
CVE-2024-11068
CRITICAL CVSS 9.8
Find Similar
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access
Page 1+ Next →