D-Link Multiple Routers vulnerabilities
6 known vulnerabilities affecting d-link/multiple_routers.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-41140HIGHCVSS 8.8v1.30B072023-01-26
CVE-2022-41140 [HIGH] CWE-121 CVE-2022-41140: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lighttpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the len
cvelistv5nvd
CVE-2020-27862HIGHCVSS 8.8vfirmware version 2.32021-02-12
CVE-2020-27862 [HIGH] CWE-77 CVE-2020-27862: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. When parsing the path parameter, the process does
cvelistv5nvd
CVE-2020-27863MEDIUMCVSS 6.5vfirmeware version 2.32021-02-12
CVE-2020-27863 [MEDIUM] CWE-288 CVE-2020-27863: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected i
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. The issue results from incorrect string
cvelistv5nvd
CVE-2020-15633HIGHCVSS 8.8v1.20B10_BETA2020-07-23
CVE-2020-15633 [HIGH] CWE-288 CVE-2020-15633: This vulnerability allows network-adjacent attackers to bypass authentication on affected installati
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP requests. The issue results from incorrect string matching
cvelistv5nvd
CVE-2020-8863HIGHCVSS 8.8v1.10B042020-03-23
CVE-2020-8863 [HIGH] CWE-303 CVE-2020-8863: This vulnerability allows network-adjacent attackers to bypass authentication on affected installati
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper impleme
cvelistv5nvd
CVE-2020-8864HIGHCVSS 8.8v1.10B042020-03-23
CVE-2020-8864 [HIGH] CWE-697 CVE-2020-8864: This vulnerability allows network-adjacent attackers to bypass authentication on affected installati
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handlin
cvelistv5nvd