Filtered by vendor D-link
Subscriptions
Total
577 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1419 | 2 D-link, Dlink | 3 Dcs700l, Dcs-700l, Dcs-700l Firmware | 2026-04-18 | 4.7 Medium |
| A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-1448 | 2 D-link, Dlink | 3 Dir-615, Dir-615, Dir-615 Firmware | 2026-04-18 | 7.2 High |
| A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-1505 | 2 D-link, Dlink | 3 Dir-615, Dir-615, Dir-615 Firmware | 2026-04-18 | 7.2 High |
| A vulnerability was found in D-Link DIR-615 4.10. This issue affects some unknown processing of the file /set_temp_nodes.php of the component URL Filter. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-1532 | 2 D-link, Dlink | 3 Dcs-700l, Dcs-700l, Dcs-700l Firmware | 2026-04-18 | 2.4 Low |
| A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. The attack can only be initiated within the local network. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-1544 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-18 | 6.3 Medium |
| A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub_41E2A0 of the file /goform/set_mode. Performing a manipulation of the argument lan_gateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-1744 | 2 D-link, Dlink | 3 Dsl-6641k, Dsl-6641k, Dsl-6641k Firmware | 2026-04-18 | 2.4 Low |
| A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function doSubmitPPP of the file sp_pppoe_user.js. The manipulation of the argument Username results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-2055 | 2 D-link, Dlink | 6 Dir-605l, Dir-619l, Dir-605l and 3 more | 2026-04-17 | 5.3 Medium |
| A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-2063 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 4.7 Medium |
| A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/set_ac_server of the component Web Management Interface. The manipulation of the argument ac_server results in os command injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-2081 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 4.7 Medium |
| A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_password. This manipulation of the argument http_passwd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-2082 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 4.7 Medium |
| A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2026-2120 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/set_server_settings of the component Configuration Parameter Handler. The manipulation of the argument terminal_addr/server_ip/server_port leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-2129 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performing a manipulation of the argument ac_ipaddr/ac_ipstatus/ap_randtime results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-2142 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420688 of the file /goform/set_qos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-2143 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/set_ddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-2151 | 2 D-link, Dlink | 3 Dir-615, Dir-615, Dir-615 Firmware | 2026-04-17 | 7.2 High |
| A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file adv_firewall.php of the component DMZ Host Feature. Such manipulation of the argument dmz_ipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-2155 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub_4208A0 of the file /goform/set_dmz of the component Configuration Handler. The manipulation of the argument dmz_host/dmz_enable results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-2163 | 2 D-link, Dlink | 3 Dir-600, Dir-600, Dir-600 Firmware | 2026-04-17 | 4.7 Medium |
| A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. The attack may be launched remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-2168 | 2 D-link, Dlink | 3 Dwr-m921, Dwr-m921, Dwr-m921 Firmware | 2026-04-17 | 6.3 Medium |
| A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2026-2169 | 2 D-link, Dlink | 3 Dwr-m921, Dwr-m921, Dwr-m921 Firmware | 2026-04-17 | 6.3 Medium |
| A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fota_url leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-2175 | 2 D-link, Dlink | 3 Dir-823x, Dir-823x, Dir-823x Firmware | 2026-04-17 | 7.2 High |
| A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420618 of the file /goform/set_upnp. This manipulation of the argument upnp_enable causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. | ||||