CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1104 – D-Link DHP-W310AV authentication spoofing
https://notcve.org/view.php?id=CVE-2025-1104
07 Feb 2025 — A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/kn1g78/cve/blob/main/dlink.md • CWE-287: Improper Authentication CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2025-0481 – D-Link DIR-878 HTTP POST Request dllog.cgi information disclosure
https://notcve.org/view.php?id=CVE-2025-0481
15 Jan 2025 — A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-878/dllog.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13108 – D-Link DIR-816 A2 form2NetSniper.cgi access control
https://notcve.org/view.php?id=CVE-2024-13108
02 Jan 2025 — A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2NetSniper.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13107 – D-Link DIR-816 A2 ACL form2LocalAclEditcfg.cgi access control
https://notcve.org/view.php?id=CVE-2024-13107
02 Jan 2025 — A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2LocalAclEditcfg.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13106 – D-Link DIR-816 A2 IP QoS form2IPQoSTcAdd access control
https://notcve.org/view.php?id=CVE-2024-13106
02 Jan 2025 — A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2IPQoSTcAdd.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13105 – D-Link DIR-816 A2 DHCPD Setting form2Dhcpd.cgi access control
https://notcve.org/view.php?id=CVE-2024-13105
02 Jan 2025 — A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2Dhcpd.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13104 – D-Link DIR-816 A2 WiFi Settings form2AdvanceSetup.cgi access control
https://notcve.org/view.php?id=CVE-2024-13104
02 Jan 2025 — A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2AdvanceSetup.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13103 – D-Link DIR-816 A2 Virtual Service form2AddVrtsrv.cgi access control
https://notcve.org/view.php?id=CVE-2024-13103
02 Jan 2025 — A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2AddVrtsrv.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13102 – D-Link DIR-816 A2 DDNS Service access control
https://notcve.org/view.php?id=CVE-2024-13102
02 Jan 2025 — A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/DDNS.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13030 – D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control
https://notcve.org/view.php?id=CVE-2024-13030
30 Dec 2024 — A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-823G/SetAutoRebootSettings.md • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •