CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41616
https://notcve.org/view.php?id=CVE-2024-41616
06 Aug 2024 — D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. • https://github.com/LYaoBoL/IOTsec/blob/main/D-Link/DIR300/CVE-2024-41616 • CWE-259: Use of Hard-coded Password •
CVSS: 5.3EPSS: 21%CPEs: 88EXPL: 1CVE-2024-0717 – D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
https://notcve.org/view.php?id=CVE-2024-0717
19 Jan 2024 — A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, D... • https://github.com/999zzzzz/D-Link • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31814
https://notcve.org/view.php?id=CVE-2023-31814
23 May 2023 — D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. • https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade • CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 9.8EPSS: 27%CPEs: 10EXPL: 2CVE-2013-7471
https://notcve.org/view.php?id=CVE-2013-7471
11 Jun 2019 — An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request. Se descubrió un problema en soap.cgi? • http://www.s3cur1ty.de/m1adv2013-020 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •