Dlink Dir-605L Firmware vulnerabilities

CVE-2026-2055 [MEDIUM] CWE-200 CVE-2026-2055: A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVE-2026-2056 [MEDIUM] CWE-200 CVE-2026-2056: A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impa A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wan_connection_status.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure. Remote exploitation of the attack is possible. The exploit has been disclosed p

CVE-2026-2054 [MEDIUM] CWE-200 CVE-2026-2054: A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only af

CVE-2025-65731 [MEDIUM] CWE-306 CVE-2025-65731: An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

CVE-2012-10021 [CRITICAL] CWE-121 CVE-2012-10021: A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router fir A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit thi

CVE-2025-46176 [MEDIUM] CWE-77 CVE-2025-46176: Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.

CVE-2025-4442 [HIGH] CWE-119 CVE-2025-4442: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnera A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that a

CVE-2025-4445 [MEDIUM] CWE-74 CVE-2025-4445: A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the fu A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported

CVE-2025-4443 [MEDIUM] CWE-74 CVE-2025-4443: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affe A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer suppo

CVE-2025-4441 [HIGH] CWE-119 CVE-2025-4441: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affec A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formSetWAN_Wizard534. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that ar

CVE-2025-2550 [MEDIUM] CWE-266 CVE-2025-2550: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Af A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/formSetDDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclos

CVE-2025-2552 [MEDIUM] CWE-266 CVE-2025-2552: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been declared as problema A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/formTcpipSetup. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may

CVE-2025-2549 [MEDIUM] CWE-266 CVE-2025-2549: A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problemati A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/formSetPassword. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has been disclosed to the public and

CVE-2025-2548 [MEDIUM] CWE-266 CVE-2025-2548: A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/ A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function of the file /goform/formSetDomainFilter. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. T

CVE-2025-2547 [MEDIUM] CWE-266 CVE-2025-2547: A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be us

CVE-2025-2546 [MEDIUM] CWE-266 CVE-2025-2546: A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This v A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the component Firewall Service. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to th

CVE-2025-2553 [MEDIUM] CWE-266 CVE-2025-2553: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been rated as problematic A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been rated as problematic. This issue affects some unknown processing of the file /goform/formVirtualServ. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be use

CVE-2025-2551 [MEDIUM] CWE-266 CVE-2025-2551: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as proble A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as problematic. This affects an unknown part of the file /goform/formSetPortTr. The manipulation leads to improper access controls. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. This vulner

CVE-2024-11959 [HIGH] CWE-119 CVE-2024-11959: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affec A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-11960 [HIGH] CWE-119 CVE-2024-11960: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnera A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.