Dlink Dap-2622 Firmware vulnerabilities
54 known vulnerabilities affecting dlink/dap-2622_firmware.
Total CVEs
54
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH51MEDIUM3
Vulnerabilities
Page 3 of 3
CVE-2023-35724HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35724 [HIGH] CWE-798 CVE-2023-35724: D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vu
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the CLI service, which listens on
nvd
CVE-2023-37324HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-37324 [HIGH] CWE-121 CVE-2023-37324: D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Executio
D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP
nvd
CVE-2023-35733HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35733 [HIGH] CWE-121 CVE-2023-35733: D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Executi
D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP
nvd
CVE-2023-35754HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35754 [HIGH] CWE-121 CVE-2023-35754: D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnera
D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service.
nvd
CVE-2023-35753HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35753 [HIGH] CWE-121 CVE-2023-35753: D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerabil
D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The
nvd
CVE-2023-37313HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-37313 [HIGH] CWE-121 CVE-2023-37313: D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution
D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP s
nvd
CVE-2023-35730HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35730 [HIGH] CWE-121 CVE-2023-35730: D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerabil
D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The
nvd
CVE-2023-35736HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35736 [HIGH] CWE-121 CVE-2023-35736: D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Executio
D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP
nvd
CVE-2023-37312HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-37312 [HIGH] CWE-121 CVE-2023-37312: D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vu
D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP serv
nvd
CVE-2023-37316HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-37316 [HIGH] CWE-121 CVE-2023-37316: D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Executi
D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP
nvd
CVE-2023-35744HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35744 [HIGH] CWE-121 CVE-2023-35744: D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Cod
D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists withi
nvd
CVE-2023-35741HIGHCVSS 8.8fixed in 1.10b03r0222024-05-03
CVE-2023-35741 [HIGH] CWE-121 CVE-2023-35741: D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution
D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP ser
nvd
CVE-2023-44416MEDIUMCVSS 6.8v1.002024-05-03
CVE-2023-44416 [MEDIUM] CWE-78 CVE-2023-44416: D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability. This vulnerability
D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622. Authentication is required to exploit this vulnerability.
The specific flaw exists within the CLI service, which listens on TCP port 23. The iss
nvd
CVE-2023-35750MEDIUMCVSS 6.5fixed in 1.10b03r0222024-05-03
CVE-2023-35750 [MEDIUM] CWE-200 CVE-2023-35750: D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. This vulnerability a
D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The issue results
nvd
← Previous3 / 3