Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
D-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized users to turn on and access Telnet services.
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user p
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.
CVE-2024-41610
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to exec
CVE-2025-25746
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module.
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings.
Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/Se
CVE-2025-25742
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module.
CVE-2025-25744
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetDynamicDNSSettings module.
CVE-2024-45697
CRITICAL CVSS 9.8
Find Similar
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS comma
CVE-2024-39962
CRITICAL CVSS 9.8
Find Similar
D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. This vulner
CVE-2025-29165
CRITICAL CVSS 9.8
Find Similar
An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module.
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8
CVE-2024-41611
CRITICAL CVSS 9.8
Find Similar
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands.
CVE-2025-29635
HIGH CVSS 7.2 KEV
Find Similar
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibitin
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrary
Page 1+ Next →