CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9792 – D-Link DSL-2750U Port Forwarding Page cross site scripting
https://notcve.org/view.php?id=CVE-2024-9792
10 Oct 2024 — A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDescription leads to cross site scripting. It is possible to initiate the attack remotely. Es wurde eine Schwachstelle in D-Link DSL-2750U R5B017 entdeckt. • https://vuldb.com/?ctiid.279945 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 88EXPL: 1CVE-2024-0717 – D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
https://notcve.org/view.php?id=CVE-2024-0717
19 Jan 2024 — A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, D... • https://github.com/999zzzzz/D-Link • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-46033
https://notcve.org/view.php?id=CVE-2023-46033
19 Oct 2023 — D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control. D-Link (Non-US) DSL-2750U N300 ADSL2+ y (Non-US) DSL-2730U N150 ADSL2+ son vulnerables a un control de acceso incorrecto. La interfaz UART/Serial en la PCB proporciona salida de registro y un terminal root sin control de acceso adecuado. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10357 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3708
https://notcve.org/view.php?id=CVE-2021-3708
16 Aug 2021 — D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device. El router D-Link DSL-2750U con versiones de firmware vME1.16 o versiones anteriores, es vulnerable a una inyección de comandos del SO. Un atacante no autenticado en la red local puede explotar esto, con CVE-2021-3707, para ejecutar cualquier comando del Sistema Operati... • https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20%28firmware%20version%201.6%29/README.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-3707
https://notcve.org/view.php?id=CVE-2021-3707
16 Aug 2021 — D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device. El router D-Link DSL-2750U con versiones de firmware vME1.16 o versiones anteriores, es vulnerable a una modificación no autorizada de la configuración. Un atacante no autenticado en la red local puede explotar esto, con CVE-2021-3708, para ejecutar ... • https://github.com/HadiMed/DSL-2750U-Full-chain • CWE-15: External Control of System or Configuration Setting •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13150
https://notcve.org/view.php?id=CVE-2020-13150
15 Jun 2020 — D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 seconds of access to the control panel, after a restart, before MAC address filtering rules become active. Los dispositivos D-link DSL-2750U versión ISL2750UEME3.V1E, permiten aproximadamente 90 segundos de acceso al panel de control, después de un reinicio, previo a que las reglas de filtrado de direcciones MAC sean activadas • https://gist.github.com/idris159/4c3ea746f4b19308b8ce8d8a7e313310 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 2CVE-2019-1010155
https://notcve.org/view.php?id=CVE-2019-1010155
23 Jul 2019 — D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage ** EN DISPUTA ** D-Link DSL-2750U versión 1.11 está afectado por: Omisión de Autenticación. • http://www.securityfocus.com/bid/109351 •