cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-28956,https://securityvulnerability.io/vulnerability/CVE-2022-28956,Code Injection Vulnerability in D-Link DIR816L Router,"The D-Link DIR816L router has a security vulnerability in the getcfg.php component that allows an attacker to execute arbitrary code through a specifically crafted payload. This enables unauthorized access to the device, potentially compromising sensitive user data and network integrity. Users of the affected firmware version are advised to apply security updates and review their device configurations to mitigate risks.",D-Link,Dir-816l Firmware,9.8,CRITICAL,0.014659999869763851,false,,false,false,false,,,false,false,,2022-05-18T11:50:42.000Z,0
CVE-2022-28955,https://securityvulnerability.io/vulnerability/CVE-2022-28955,Access Control Flaw in D-Link Router Products,"A security vulnerability in the D-Link DIR-816L router's firmware enables unauthenticated attackers to exploit access control mechanisms. This flaw allows unauthorized users to gain access to sensitive directories, specifically folder_view.php and category_view.php, potentially compromising the integrity and confidentiality of user data. Remediation involves updating to the latest firmware version to mitigate the risks associated with this vulnerability.",D-Link,Dir-816l Firmware,7.5,HIGH,0.023910000920295715,false,,false,false,false,,,false,false,,2022-05-18T11:50:41.000Z,0
CVE-2020-15893,https://securityvulnerability.io/vulnerability/CVE-2020-15893,Command Injection Vulnerability in D-Link DIR-816L Devices,"The D-Link DIR-816L devices prior to version 1.10b04Beta02 are susceptible to a command injection vulnerability due to Universal Plug and Play (UPnP) being enabled by default on port 1900. An attacker could exploit this flaw by injecting a malicious payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. This could potentially lead to unauthorized access or control over the affected device, compromising its integrity and security.",D-Link,Dir-816l Firmware,9.8,CRITICAL,0.03832999989390373,false,,false,false,true,2014-07-11T14:17:56.000Z,true,false,false,,2020-07-22T18:56:05.000Z,0
CVE-2020-15894,https://securityvulnerability.io/vulnerability/CVE-2020-15894,Exposed Administration Function in D-Link DIR-816L Devices,"The D-Link DIR-816L has a web application vulnerability due to an exposed administration function in the getcfg.php file. This vulnerability allows attackers to manipulate the _POST_SERVICES parameter to access sensitive information, including admin login credentials. Such exposure can lead to unauthorized access and potential compromise of the device. Users are advised to update their firmware to the latest version to mitigate this risk.",D-Link,Dir-816l Firmware,7.5,HIGH,0.0015300000086426735,false,,false,false,false,,,false,false,,2020-07-22T18:55:56.000Z,0
CVE-2020-15895,https://securityvulnerability.io/vulnerability/CVE-2020-15895,Cross-Site Scripting in D-Link DIR-816L Devices,"An XSS vulnerability exists in D-Link DIR-816L devices due to insufficient output filtration in the web interface. The 'RESULT' parameter in the 'webinc/js/info.php' file is prone to manipulation, allowing attackers to inject malicious scripts that can be executed in the context of the user's browser. This can lead to unauthorized actions, data theft, or spreading malware to users accessing the compromised page.",D-Link,Dir-816l Firmware,6.1,MEDIUM,0.0014400000218302011,false,,false,false,false,,,false,false,,2020-07-22T18:55:44.000Z,0
CVE-2015-5999,https://securityvulnerability.io/vulnerability/CVE-2015-5999,,"Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.",D-Link,Dir-816l Firmware,,,0.8809199929237366,false,,false,false,false,,,false,false,,2015-11-18T16:00:00.000Z,0