| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. |
| A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub_4175CC of the file /goform/set_static_route_table. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. |
| A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub_4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. |
| A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /adv_mac_filter.php of the component MAC Filter Configuration. This manipulation of the argument mac causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. |
| A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wan_connection_status.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |
| A vulnerability was determined in D-Link DIR-823X 250416. Affected by this issue is the function sub_424D20 of the file /goform/set_ipv6. Executing a manipulation can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. |
| A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/set_language. Executing a manipulation of the argument langSelection can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. |
| A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. |
| A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configuration Interface. Performing a manipulation of the argument dest_ip/ submask/ gw results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. |
| A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. |
| A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. |
| A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_423E00 of the file /boafrm/formPortFw of the component Port Forwarding Configuration Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. |
| A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. |
| A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. |
| A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. |
| Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DNS settings without valid credentials, enabling DNS hijacking (“DNSChanger”) attacks that redirect user traffic to attacker-controlled infrastructure. In 2019, D-Link reported that this behavior was leveraged by the "GhostDNS" malware ecosystem targeting consumer and carrier routers. All impacted products were subsequently designated end-of-life/end-of-service, and no longer receive security updates. Exploitation evidence was observed by the Shadowserver Foundation on 2025-11-27 (UTC). |
| A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used. |
| A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_wifidog_settings. Executing a manipulation of the argument wd_enable can lead to command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. |
