Dlink Dir-605L Firmware vulnerabilities

CVE-2026-5982 [HIGH] CWE-119 CVE-2026-5982: A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAd A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be u

CVE-2026-5981 [HIGH] CWE-119 CVE-2026-5981: A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnera

CVE-2026-5984 [HIGH] CWE-119 CVE-2026-5984: A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of th A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This vulnerability

CVE-2026-5983 [HIGH] CWE-119 CVE-2026-5983: A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDD A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Request Handler. Executing a manipulation of the argument curTime can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This

CVE-2026-5979 [HIGH] CWE-119 CVE-2026-5979: A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the funct A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulner

CVE-2026-5980 [HIGH] CWE-119 CVE-2026-5980: A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACF A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component POST Request Handler. This manipulation of the argument curTime causes buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used. This vulnerability on

CVE-2026-2055 [MEDIUM] CWE-200 CVE-2026-2055: A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVE-2026-2056 [MEDIUM] CWE-200 CVE-2026-2056: A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impa A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wan_connection_status.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure. Remote exploitation of the attack is possible. The exploit has been disclosed p

CVE-2026-2054 [MEDIUM] CWE-200 CVE-2026-2054: A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only af

CVE-2025-65731 [MEDIUM] CWE-306 CVE-2025-65731: An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

CVE-2012-10021 [CRITICAL] CWE-121 CVE-2012-10021: A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router fir A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit thi

CVE-2025-46176 [MEDIUM] CWE-77 CVE-2025-46176: Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.

CVE-2025-4442 [HIGH] CWE-119 CVE-2025-4442: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnera A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that a

CVE-2025-4445 [MEDIUM] CWE-74 CVE-2025-4445: A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the fu A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported

CVE-2025-4443 [MEDIUM] CWE-74 CVE-2025-4443: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affe A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer suppo

CVE-2025-4441 [HIGH] CWE-119 CVE-2025-4441: A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affec A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formSetWAN_Wizard534. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that ar

CVE-2025-2550 [MEDIUM] CWE-266 CVE-2025-2550: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Af A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/formSetDDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclos

CVE-2025-2552 [MEDIUM] CWE-266 CVE-2025-2552: A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been declared as problema A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/formTcpipSetup. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may

CVE-2025-2549 [MEDIUM] CWE-266 CVE-2025-2549: A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problemati A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/formSetPassword. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has been disclosed to the public and

CVE-2025-2548 [MEDIUM] CWE-266 CVE-2025-2548: A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/ A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function of the file /goform/formSetDomainFilter. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. T