CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5630 – D-Link DIR-816 form2lansetup.cgi stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5630
05 Jun 2025 — A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_54/54.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5624 – D-Link DIR-816 QoSPortSetup stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5624
05 Jun 2025 — A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the argument port0_group/port0_remarker/ssid0_group/ssid0_remarker leads to stack-based buffer overflow. The attack can be initiated remotely. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_53/53.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5623 – D-Link DIR-816 qosClassifier stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5623
05 Jun 2025 — A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to stack-based buffer overflow. It is possible to initiate the attack remotely. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_51/51.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5622 – D-Link DIR-816 wirelessApcli_5g stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5622
05 Jun 2025 — A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the argument apcli_mode_5g/apcli_enc_5g/apcli_default_key_5g leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_50/50.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5621 – D-Link DIR-816 qosClassifier os command injection
https://notcve.org/view.php?id=CVE-2025-5621
04 Jun 2025 — A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument dip_address/sip_address leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_49/49.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5620 – D-Link DIR-816 setipsec_config os command injection
https://notcve.org/view.php?id=CVE-2025-5620
04 Jun 2025 — A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument localIP/remoteIP leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_48/48.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5573 – D-Link DCS-932L setSystemWizard setSystemControl os command injection
https://notcve.org/view.php?id=CVE-2025-5573
04 Jun 2025 — A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. • https://vuldb.com/?id.311030 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5572 – D-Link DCS-932L setSystemEmail stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5572
04 Jun 2025 — A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. • https://vuldb.com/?id.311029 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5571 – D-Link DCS-932L setSystemAdmin os command injection
https://notcve.org/view.php?id=CVE-2025-5571
04 Jun 2025 — A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. • https://vuldb.com/?id.311028 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5228 – D-Link DI-8100 jhttpd login.cgi httpd_get_parm stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5228
27 May 2025 — A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. • https://github.com/xubeining/Cve_report/blob/main/The%20D-Link%20DI-8100%20contains%20a%20binary%20vulnerability.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •