cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10916,https://securityvulnerability.io/vulnerability/CVE-2024-10916,,"A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. This affects an unknown part of the file /xml/info.xml of the component HTTP GET Request Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",D-Link,Dns-320 Firmware,5.3,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-11-06T15:15:00.000Z,0
CVE-2024-10914,https://securityvulnerability.io/vulnerability/CVE-2024-10914,D-Link Routers Vulnerable to OS Command Injection Attacks,"A vulnerability exists in D-Link network attached storage devices, including the DNS-320, DNS-320LW, DNS-325, and DNS-340L, which allows for OS command injection. This issue arises in the cgi_user_add function of the /cgi-bin/account_mgr.cgi interface, where improper handling of the 'name' argument can be exploited. The attack can be executed remotely, although the complexity of successfully exploiting this vulnerability is relatively high and requires advanced knowledge. Public disclosure of the exploit amplifies the risk, necessitating immediate attention to secure affected devices.",D-Link,Dns-320 Firmware,9.8,CRITICAL,0.16929000616073608,false,true,false,true,true,true,true,2024-11-06T14:15:00.000Z,9109
CVE-2024-10915,https://securityvulnerability.io/vulnerability/CVE-2024-10915,OS Command Injection Vulnerability in D-Link NAS Products,"A vulnerability exists in D-Link's DNS-320, DNS-320LW, DNS-325, and DNS-340L NAS devices, specifically within the cgi_user_add function of the /cgi-bin/account_mgr.cgi endpoint. This issue is caused by improper handling of the 'group' argument, which leads to potential OS command injection. Remote attackers can exploit this vulnerability to execute arbitrary commands on the affected devices. Although the complexity of the attack is high, the public disclosure of the exploit raises concerns about the security posture of networks utilizing these devices. Users are advised to apply any available patches or mitigations.",D-Link,Dns-320 Firmware,9.8,CRITICAL,0.23746000230312347,false,false,false,false,,false,false,2024-11-06T14:15:00.000Z,0
CVE-2024-8461,https://securityvulnerability.io/vulnerability/CVE-2024-8461,D-Link DNS-320 2.02b01 Vulnerable to Information Disclosure via Remote Exploit,"A vulnerability has been identified within the D-Link DNS-320 web management interface, specifically in the file /cgi-bin/discovery.cgi. This flaw permits unauthorized information disclosure, which can be exploited remotely. The affected product, version 2.02b01 of the DNS-320, is no longer supported by D-Link, as it has reached end-of-life. Users are strongly advised to retire and replace this product to mitigate any security risks associated with this vulnerability.",D-link,Dns-320,5.3,MEDIUM,0.0005499999970197678,false,false,false,true,true,false,false,2024-09-05T12:31:05.270Z,0
CVE-2024-8460,https://securityvulnerability.io/vulnerability/CVE-2024-8460,DNS-320 2.02b01 Vulnerability: Information Disclosure Risk,"A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widget_api.cgi of the component Web Management Interface. The manipulation of the argument getHD/getSer/getSys leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.",D-link,Dns-320,5.9,MEDIUM,0.0013699999544769526,false,false,false,true,true,false,false,2024-09-05T12:00:07.296Z,0
CVE-2024-8214,https://securityvulnerability.io/vulnerability/CVE-2024-8214,Command Injection Vulnerability in D-Link NAS Devices,"A significant command injection vulnerability exists in several D-Link network storage devices, specifically in the cgi_FMT_Std2R5_2nd_DiskMGR function within the /cgi-bin/hd_config.cgi file. This vulnerability allows an attacker to manipulate the f_source_dev argument, leading to remote execution of arbitrary commands. The affected models, which include various DNS series and DNR series devices, are no longer supported by D-Link and are considered end-of-life. Users are strongly recommended to retire affected devices and transition to supported alternatives to mitigate potential security risks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.0018500000005587935,false,false,false,true,true,false,false,2024-08-27T20:00:06.123Z,0
CVE-2024-8213,https://securityvulnerability.io/vulnerability/CVE-2024-8213,Command Injection Vulnerability in D-Link NAS Devices,"A severe command injection vulnerability has been identified in various D-Link network-attached storage devices, specifically impacting the functionality associated with the 'cgi_FMT_R12R5_1st_DiskMGR' method found in the file '/cgi-bin/hd_config.cgi'. This vulnerability allows an attacker to exploit the 'f_source_dev' argument remotely, leading to potential unauthorized access and control over the affected systems. Notably, this flaw affects devices that are no longer supported by D-Link, raising significant security concerns for users of outdated products. It is strongly advised that these affected devices be decommissioned and replaced to mitigate risks associated with this vulnerability.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.002630000002682209,false,false,false,true,true,false,false,2024-08-27T19:31:07.569Z,0
CVE-2024-8212,https://securityvulnerability.io/vulnerability/CVE-2024-8212,D-Link DNS products vulnerable to command injection via /cgi-bin/hd_config.cgi,"A vulnerability has been identified in several D-Link DNS series Network Attached Storage products, specifically affecting the function cgi_FMT_R12R5_2nd_DiskMGR located in the /cgi-bin/hd_config.cgi file. The vulnerability arises from improper handling of the f_source_dev parameter, leading to potential command injection attacks. This issue can be exploited remotely, allowing attackers to execute unauthorized commands on affected devices. Notably, all products impacted by this vulnerability are no longer supported by the vendor, emphasizing the need for users to retire and replace these devices to mitigate risk.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.0010000000474974513,false,false,false,true,true,false,false,2024-08-27T19:31:04.976Z,0
CVE-2024-8211,https://securityvulnerability.io/vulnerability/CVE-2024-8211,Command Injection Vulnerability in D-Link NAS Devices,"A critical command injection vulnerability has been identified in specific D-Link NAS devices, impacting the cgi_FMT_Std2R1_DiskMGR function within the /cgi-bin/hd_config.cgi file. By manipulating the 'f_newly_dev' argument, an attacker may execute arbitrary commands remotely. The vulnerability affects models like DNS-120, DNS-320, and multiple others; importantly, it pertains to products that have reached their end-of-life status and are no longer supported by D-Link. The exploit has been publicly disclosed, urging users still operating these devices to consider immediate retirement and replacement to safeguard their networks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.0018500000005587935,false,false,false,true,true,false,false,2024-08-27T19:00:06.373Z,0
CVE-2024-8210,https://securityvulnerability.io/vulnerability/CVE-2024-8210,Command Injection Vulnerability in D-Link Network Storage Devices,"A serious command injection vulnerability has been identified in multiple D-Link network storage devices, specifically in the function sprintf of the /cgi-bin/hd_config.cgi file. The vulnerability can be exploited remotely through the manipulation of the argument f_mount, allowing malicious actors to execute arbitrary commands on the affected devices. This issue impacts a range of products that are no longer supported by D-Link, meaning these devices may remain exposed to potential threats. Users are strongly advised to discontinue the use of affected models, as they are classified as end-of-life and have not received security updates.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.002630000002682209,false,false,false,true,true,false,false,2024-08-27T18:31:05.678Z,0
CVE-2024-8134,https://securityvulnerability.io/vulnerability/CVE-2024-8134,Command Injection Vulnerability in D-Link Network Attached Storage Devices,"A serious command injection vulnerability has been identified in multiple D-Link Network Attached Storage (NAS) devices, including models DNS-120, DNS-320, and DNS-1550-04, among others. This flaw resides in the cgi_FMT_Std2R5_1st_DiskMGR function of the HTTP POST request handler in the hd_config.cgi file. By manipulating the f_source_dev parameter, attackers can execute arbitrary commands on the vulnerable devices. This vulnerability is particularly concerning as it can be exploited remotely, thereby increasing its potential risk to networks employing affected devices that are no longer supported by D-Link. Users are strongly advised to retire any end-of-life products and replace them with supported alternatives to mitigate security risks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T20:00:06.287Z,0
CVE-2024-8133,https://securityvulnerability.io/vulnerability/CVE-2024-8133,D-Linkproducts at risk of command injection vulnerability,"A command injection vulnerability exists in multiple D-Link DNS products due to improper handling of request parameters in the HTTP POST Request Handler file. Specifically, manipulating the 'f_source_dev' argument in the cgi_FMT_R5_SpareDsk_DiskMGR function could allow an attacker to execute arbitrary commands remotely. This vulnerability impacts devices that have reached their end-of-life and are no longer maintained, highlighting the need for users to upgrade or replace their affected devices to mitigate potential security risks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T19:00:06.248Z,0
CVE-2024-8132,https://securityvulnerability.io/vulnerability/CVE-2024-8132,remote command injection vulnerability in webdav_mgr function of HTTP POST Request Handler,"A command injection vulnerability exists in several D-Link network storage models due to improper handling of the 'f_path' argument within the webdav_mgr function of the HTTP POST Request Handler. This vulnerability can be exploited remotely, allowing attackers to execute arbitrary commands on affected devices. The affected products are no longer supported by D-Link, which has confirmed their end-of-life status, advising that users replace these devices to mitigate potential risks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T18:00:05.836Z,0
CVE-2024-8131,https://securityvulnerability.io/vulnerability/CVE-2024-8131,Command Injection Vulnerability in D-Link NAS Devices,"A serious command injection vulnerability has been discovered within several D-Link NAS devices, compromising the function module_enable_disable in the /cgi-bin/apkg_mgr.cgi file, specifically related to the HTTP POST Request Handler. This vulnerability enables attackers to manipulate the f_module_name argument, which can lead to executing arbitrary commands remotely. Notably, this vulnerability affects older models that are no longer supported, increasing the urgency for users to retire these devices and migrate to more secure alternatives. Exploits have already been disclosed publicly, and affected users are strongly advised to take immediate action to safeguard their networked systems.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T17:31:05.870Z,0
CVE-2024-8130,https://securityvulnerability.io/vulnerability/CVE-2024-8130,Command Injection Vulnerability in D-Link NAS Devices,"A serious vulnerability has been identified in various D-Link NAS devices, specifically impacting the cgi_s3 function within the /cgi-bin/s3.cgi file, associated with the HTTP POST Request Handler. This flaw results from improper handling of the f_a_key argument, enabling command injection attacks that can be executed remotely. Given that the affected products are no longer supported and are designated as end-of-life, users are strongly advised to retire these devices promptly. The public disclosure of this exploit raises significant security concerns, making it imperative for users to transition to supported alternatives.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T16:31:05.950Z,0
CVE-2024-8129,https://securityvulnerability.io/vulnerability/CVE-2024-8129,Remotely exploitable command injection vulnerability in D-Link products,"A significant command injection vulnerability has been identified within a range of D-Link NAS devices, specifically in the cgi_s3_modify function of the HTTP POST Request Handler. This vulnerability enables an attacker to manipulate the f_job_name argument, thereby executing arbitrary commands on the device. The affected products include a variety of models within the D-Link DNS series, manifesting concerns for users continuing to operate these devices. Since these products are no longer supported, the risk of exploitation increases. It is crucial for users to retire affected devices and migrate to supported alternatives to mitigate potential threats.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T15:31:05.810Z,0
CVE-2024-8128,https://securityvulnerability.io/vulnerability/CVE-2024-8128,D-Link DNS Devices at Risk of Command Injection Vulnerability,"A vulnerability has been discovered in several D-Link network attached storage devices, specifically affecting the cgi_add_zip function in the /cgi-bin/webfile_mgr.cgi file. This issue arises from improper handling of the 'path' argument, allowing attackers to perform command injection. The vulnerability is accessible remotely, enabling malicious actors to execute arbitrary commands on the affected devices. The flaw impacts devices that are no longer supported, and users are advised to retire and replace these products to safeguard their networks. Full details regarding the exploitation of this vulnerability can be found in the publicly disclosed resources.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T11:31:05.389Z,0
CVE-2024-8127,https://securityvulnerability.io/vulnerability/CVE-2024-8127,D-Link Products at Risk of Command Injection Vulnerability,"A command injection vulnerability has been identified in various D-Link network storage products, notably in the CGI handler file /cgi-bin/webfile_mgr.cgi. This flaw arises from improper handling of a specific argument within the cgi_unzip function, enabling remote attackers to execute arbitrary commands. The vulnerability affects multiple models including DNS-120, DNS-320, and several others listed, particularly those that are no longer supported or have reached end-of-life, making them more susceptible to exploitation. It is crucial for users of the affected devices to consider retiring and replacing outdated products to mitigate potential risks.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.030419999733567238,false,false,false,true,true,false,false,2024-08-24T09:31:05.244Z,0
CVE-2024-7832,https://securityvulnerability.io/vulnerability/CVE-2024-7832,D-Link Products at Risk of Buffer Overflow Vulnerability,"A buffer overflow vulnerability has been identified in multiple D-Link network attached storage (NAS) devices, specifically affecting the cgi_get_fullscreen_photos function within the photocenter_mgr.cgi script. This flaw can be exploited remotely, allowing an attacker to manipulate user-supplied arguments and trigger overflow conditions. Given that the affected devices are no longer supported by D-Link, it is crucial for users to retire and replace these devices to safeguard against potential exploitation, as the exploit details have been publicly disclosed.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",8.8,HIGH,0.001990000018849969,false,false,false,true,true,false,false,2024-08-15T13:31:04.175Z,0
CVE-2024-7831,https://securityvulnerability.io/vulnerability/CVE-2024-7831,Buffer Overflow Vulnerability in D-Link Network Attached Storage Devices,"A buffer overflow vulnerability exists in multiple D-Link Network Attached Storage (NAS) devices, specifically within the cgi_get_cooliris function of the photocenter_mgr.cgi script. This critical flaw permits remote attackers to manipulate the 'path' argument, potentially leading to arbitrary code execution due to unchecked input. It is important to note that this vulnerability affects devices no longer supported by D-Link, including various models such as the DNS-120, DNS-320 series, and others listed. Since these products have reached their end-of-life status, users are strongly advised to retire them and migrate to supported hardware to ensure security.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.004819999914616346,false,false,false,true,true,false,false,2024-08-15T13:00:08.266Z,0
CVE-2024-7830,https://securityvulnerability.io/vulnerability/CVE-2024-7830,Unsupported vulnerabilities in D-Link products due to buffer overflow in cgi_move_photo function,"A significant buffer overflow vulnerability exists in D-Link's NAS devices due to improper handling of the photo_name argument in the cgi_move_photo function within the /cgi-bin/photocenter_mgr.cgi script. This weakness permits remote attackers to exploit the flaw, potentially leading to unauthorized control over the affected devices. Notably, this vulnerability affects several models of D-Link NAS devices that have reached end-of-life status and are no longer supported by the vendor. Users are strongly advised to retire these devices and consider upgrading to supported alternatives to maintain network security.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.004819999914616346,false,false,false,true,true,false,false,2024-08-15T13:00:06.188Z,0
CVE-2024-7829,https://securityvulnerability.io/vulnerability/CVE-2024-7829,UNSUPPORTED WHEN ASSIGNED: Buffer Overflow Vulnerability in D-Link Products,"A buffer overflow vulnerability exists in the cgi_del_photo feature of the D-Link DNS NAS series products. This vulnerability can be exploited remotely via manipulated current_path arguments, potentially allowing attackers to execute arbitrary code. The affected models include several end-of-life devices, raising significant security concerns as they are no longer supported by the vendor. Users are advised to retire these products and consider replacements to mitigate risks associated with this vulnerability.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.004819999914616346,false,false,false,true,true,false,false,2024-08-15T12:31:05.244Z,0
CVE-2024-7828,https://securityvulnerability.io/vulnerability/CVE-2024-7828,Unsupported Products at Risk of Buffer Overflow Vulnerability,"A critical buffer overflow vulnerability exists within various D-Link Network Attached Storage (NAS) devices due to improper handling of the album_name argument in the cgi_set_cover function of the photocenter_mgr.cgi script. This flaw allows an attacker to exploit the system remotely, potentially leading to unauthorized access or system compromise. It's important to note that this vulnerability impacts products that are no longer supported by D-Link, and users are strongly advised to replace affected devices, as they are considered end-of-life. The vulnerability has been publicly disclosed, increasing the risk of exploitation.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",9.8,CRITICAL,0.004819999914616346,false,false,false,true,true,false,false,2024-08-15T12:31:03.787Z,0
CVE-2024-7715,https://securityvulnerability.io/vulnerability/CVE-2024-7715,Command Injection Vulnerability in D-Link Network Attached Storage Devices,"A significant command injection vulnerability has been identified in various D-Link Network Attached Storage devices that may allow an attacker to execute arbitrary commands remotely. This flaw arises from improper validation in the 'sprintf' function located in the '/cgi-bin/photocenter_mgr.cgi' file. The vulnerability primarily affects a range of products that have reached end-of-life status, indicating that they are no longer supported or receiving security updates from the vendor. As such, organizations using these devices are strongly advised to retire them and replace them with supported models to mitigate the risk of exploitation.",D-link,"Dns-120,Dnr-202l,Dns-315l,Dns-320,Dns-320l,Dns-320lw,Dns-321,Dnr-322l,Dns-323,Dns-325,Dns-326,Dns-327l,Dnr-326,Dns-340l,Dns-343,Dns-345,Dns-726-4,Dns-1100-4,Dns-1200-05,Dns-1550-04",6.3,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2024-08-13T06:31:04.655Z,0
CVE-2020-25506,https://securityvulnerability.io/vulnerability/CVE-2020-25506,,"D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.",D-Link,Dns-320 Firmware,9.8,CRITICAL,0.9726300239562988,true,false,false,true,,false,false,2021-02-02T13:00:11.000Z,0