CVSS: 7.5EPSS: 10%CPEs: 10EXPL: 2CVE-2019-7642
https://notcve.org/view.php?id=CVE-2019-7642
25 Mar 2019 — D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). Los routers D-Link con la funcionalidad mydlink presentan algunas interfaces web sin requerimientos de autenticación. • https://github.com/xw77cve/CVE-2019-7642 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 89%CPEs: 3EXPL: 1CVE-2018-9032 – D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-9032
27 Mar 2018 — An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /category_view.php or /folder_view.php. Una vulnerabilidad de omisión de autenticación en dispositivos D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version: A1, B1; Firmware Version: 1.02-2.06) podría permitir que los atacant... • https://www.exploit-db.com/exploits/44378 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 21%CPEs: 22EXPL: 0CVE-2016-5681
https://notcve.org/view.php?id=CVE-2016-5681
25 Aug 2016 — Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie. Desbordamie... • http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •