CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-9026 – D-Link DIR-860L Simple Service Discovery Protocol cgibin ssdpcgi_main os command injection
https://notcve.org/view.php?id=CVE-2025-9026
15 Aug 2025 — A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Discovery Protocol. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.320091 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9003 – D-Link DIR-818LW DHCP Reserved Address bsc_lan.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-9003
15 Aug 2025 — A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. • https://vuldb.com/?id.320032 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-8978 – D-Link DIR-619L boa FirmwareUpgrade data authenticity
https://notcve.org/view.php?id=CVE-2025-8978
14 Aug 2025 — A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. • https://vuldb.com/?id.319974 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-8949 – D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow
https://notcve.org/view.php?id=CVE-2025-8949
14 Aug 2025 — A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the component httpd. The manipulation of the argument ping_ipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.319915 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 3CVE-2013-10069 – D-Link Devices Unauthenticated RCE
https://notcve.org/view.php?id=CVE-2013-10069
05 Aug 2025 — The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root. La interfaz web de varios routers D-Link, incluyendo el DIR-600 rev B (?2.14b01) y el DIR-300 rev B (?2.13), con... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 4CVE-2013-10048 – D-Link Devices command.php Unauthenticated RCE
https://notcve.org/view.php?id=CVE-2013-10048
01 Aug 2025 — An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrup... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dlink_command_php_exec_noauth.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 4CVE-2013-10050 – D-Link Devices tools_vct.xgi Unauthenticated RCE
https://notcve.org/view.php?id=CVE-2013-10050
01 Aug 2025 — An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions ... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dlink_dir300_exec_telnet.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 4CVE-2013-10059 – D-Link Routers tools_vct.htm OS Command Injection
https://notcve.org/view.php?id=CVE-2013-10059
01 Aug 2025 — An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. Existe una vulnerabilidad d... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dlink_dir615_up_exec.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2012-10021 – D-Link DIR-605L Captcha Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2012-10021
31 Jul 2025 — A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit this to execute arbitrary code with root privileges on the device. Existe una vulnerabilidad de desbordamiento de búfer en la pila en las versiones de firmware 1.12 y... • https://forums.dlink.com/index.php?topic=51923.0 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2014-125117 – D-Link info.cgi POST Request Stack-Based Buffer Overflow RCE
https://notcve.org/view.php?id=CVE-2014-125117
25 Jul 2025 — A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code execution with system-level privileges. Una vulnerabilidad de desbordamiento de búfer basada en pila en el componente my_cgi.cgi de ciertos dispositivos D-Link, incluido el DSP-W215 versión 1.02, puede explotarse m... • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/dlink_dspw215_info_cgi_bof.rb • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •