cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-1104,https://securityvulnerability.io/vulnerability/CVE-2025-1104,Authentication Bypass Vulnerability in D-Link DHP-W310AV by D-Link,"A vulnerability discovered in the D-Link DHP-W310AV 1.04 model allows attackers to bypass authentication through spoofing techniques. This flaw can be exploited remotely, enabling unauthorized users to gain access to sensitive functionalities without needing valid credentials. The implications of this vulnerability are significant, as attackers can potentially manipulate the device, leading to unauthorized actions that compromise the security of the network. Users of the D-Link DHP-W310AV are urged to apply the necessary security patches and monitor their systems for any suspicious activity.",D-link,DHP-w310av,6.9,MEDIUM,0.0005499999970197678,false,,false,false,true,2025-02-07T16:31:04.000Z,true,false,false,,2025-02-07T16:31:04.664Z,0
CVE-2025-1103,https://securityvulnerability.io/vulnerability/CVE-2025-1103,Null Pointer Dereference in D-Link DIR-823X Router,"A problematic vulnerability has been identified in D-Link DIR-823X routers, specifically in the set_wifi_blacklists function within the HTTP POST Request Handler. This weakness arises when the macList argument is manipulated, potentially leading to a null pointer dereference. Attackers can exploit this issue remotely, requiring no authentication. The details of this vulnerability have been publicly disclosed, raising concerns about the security of affected devices.",D-link,Dir-823x,7.1,HIGH,0.00044999999227002263,false,,false,false,true,2025-02-07T15:00:10.000Z,true,false,false,,2025-02-07T15:00:10.453Z,0
CVE-2025-0492,https://securityvulnerability.io/vulnerability/CVE-2025-0492,Null Pointer Dereference in D-Link DIR-823X,"A vulnerability exists in the D-Link DIR-823X models 240126 and 240802 due to improper handling of a function resulting in a null pointer dereference. This flaw allows remote attackers to exploit the device, potentially leading to a denial of service. Awareness of this vulnerability is crucial as it has been publicly disclosed, increasing the risk of exploitation.",D-link,Dir-823x,8.7,HIGH,0.00044999999227002263,false,,false,false,true,2025-01-15T22:00:17.000Z,true,false,false,,2025-01-15T22:00:17.134Z,0
CVE-2025-0481,https://securityvulnerability.io/vulnerability/CVE-2025-0481,Information Disclosure Vulnerability in D-Link DIR-878 Router,"A vulnerability has been identified in the D-Link DIR-878 router version 1.03, specifically within the file /dllog.cgi of the HTTP POST Request Handler. This issue allows attackers to exploit improper access controls to gain unauthorized access to sensitive information remotely. The flaw can potentially expose critical data, leading to privacy concerns. The exploitation of this vulnerability has been publicly disclosed, warning users to take precautionary measures to safeguard their networks.",D-link,Dir-878,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-15T19:00:13.000Z,true,false,false,,2025-01-15T19:00:13.869Z,0
CVE-2024-13108,https://securityvulnerability.io/vulnerability/CVE-2024-13108,Improper Access Control in D-Link DIR-816 A2 Router,"A vulnerability exists in the D-Link DIR-816 A2 router that affects the handling of access controls in the file /goform/form2NetSniper.cgi. This issue can be exploited remotely, potentially allowing unauthorized access to sensitive functions. The flaw has been publicly disclosed, raising concerns regarding its exploitation. Users of the affected version, 1.10CNB05_R1B011D88210, should take immediate action to secure their devices against potential threats stemming from this vulnerability.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T12:31:05.000Z,true,false,false,,2025-01-02T12:31:05.759Z,0
CVE-2024-13107,https://securityvulnerability.io/vulnerability/CVE-2024-13107,Improper Access Control in D-Link DIR-816 Router,"A vulnerability has been identified in the D-Link DIR-816 A2 router that allows for the potential exploitation of access controls through the component ACL Handler, particularly the file /goform/form2LocalAclEditcfg.cgi. This vulnerability could permit unauthorized remote access, compromising the integrity and security of the device. An exploit has been publicly disclosed, raising awareness about the possible risks involved. Users are encouraged to review their configurations and apply necessary security measures to safeguard their networks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T12:00:17.000Z,true,false,false,,2025-01-02T12:00:17.338Z,0
CVE-2024-13106,https://securityvulnerability.io/vulnerability/CVE-2024-13106,Access Control Vulnerability in D-Link Router DIR-816 A2,"A serious security vulnerability has been identified in the D-Link DIR-816 A2 router, specifically in the IP QoS handler's file at /goform/form2IPQoSTcAdd. This flaw allows unauthorized access due to improper access control mechanisms. Attackers can exploit this vulnerability remotely, potentially compromising sensitive functionalities of the router. With the exploit disclosed in the public domain, the affected user base is urged to apply necessary mitigations promptly to safeguard their networks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T11:31:05.000Z,true,false,false,,2025-01-02T11:31:05.262Z,0
CVE-2024-13105,https://securityvulnerability.io/vulnerability/CVE-2024-13105,Improper Access Control in D-Link DIR-816 A2 Device,"A vulnerability exists in the D-Link DIR-816 A2 that allows for improper access controls in the file '/goform/form2Dhcpd.cgi' found within the DHCPD Setting Handler. This flaw may allow remote attackers to manipulate access and exploit the device's functionality. The issue has been publicly disclosed, which raises concerns regarding potential exploitation by malicious entities. Users of the affected product are advised to implement appropriate security measures to mitigate risks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T11:00:15.000Z,true,false,false,,2025-01-02T11:00:15.898Z,0
CVE-2024-13104,https://securityvulnerability.io/vulnerability/CVE-2024-13104,Access Control Vulnerability in D-Link DIR-816 A2 Wi-Fi Router,"A significant vulnerability in the D-Link DIR-816 A2 allows attackers to exploit improper access controls within the WiFi Settings Handler. The affected component is a function within the file /goform/form2AdvanceSetup.cgi. This vulnerability can be exploited remotely, enabling unauthorized access that could compromise network integrity. With the exploit publicly disclosed, it is crucial for users to take immediate actions to secure their devices against potential malware and unauthorized access.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T10:31:05.000Z,true,false,false,,2025-01-02T10:31:05.831Z,0
CVE-2024-13103,https://securityvulnerability.io/vulnerability/CVE-2024-13103,Improper Access Control in D-Link DIR-816 A2 Router,"A security vulnerability has been identified in the D-Link DIR-816 A2 router, specifically within the Virtual Service Handler component. This vulnerability involves improper access controls related to the processing of the /goform/form2AddVrtsrv.cgi file. As a result, unauthorized individuals may execute remote attacks, potentially compromising the integrity of the device. The publicly disclosed nature of the exploit increases the urgency for users to review their security configurations and apply necessary mitigations.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T10:00:19.000Z,true,false,false,,2025-01-02T10:00:19.082Z,0
CVE-2024-13102,https://securityvulnerability.io/vulnerability/CVE-2024-13102,Improper Access Control in D-Link DIR-816 A2 DDNS Service,"A vulnerability impacting the D-Link DIR-816 A2's DDNS Service has been identified, leading to improper access controls. This security flaw allows remote attackers to manipulate the affected code located in the /goform/DDNS file, potentially resulting in unauthorized access. Given that the vulnerability has been publicly disclosed, stakeholders should prioritize assessing and mitigating the risk associated with this issue to prevent any potential exploitation.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2025-01-02T09:31:05.000Z,true,false,false,,2025-01-02T09:31:05.191Z,0
CVE-2024-11960,https://securityvulnerability.io/vulnerability/CVE-2024-11960,Buffer Overflow Vulnerability in D-Link DIR-605L Router,"A critical buffer overflow vulnerability has been identified in the D-Link DIR-605L router firmware version 2.13B01. This security flaw resides in the formSetPortTr function, specifically within the /goform/formSetPortTr file. An attacker can exploit this vulnerability remotely by manipulating the curTime argument, which results in a buffer overflow. The exploit has been published publicly, increasing the risk of potential attacks. Users are strongly advised to apply security updates and monitor their devices to prevent unauthorized access.",D-link,Dir-605l,8.8,HIGH,0.001500000013038516,false,,false,false,true,2024-11-28T14:31:09.000Z,true,false,false,,2024-11-28T14:31:09.257Z,0
CVE-2024-11959,https://securityvulnerability.io/vulnerability/CVE-2024-11959,Buffer Overflow in D-Link DIR-605L Affects Device Security,"CVE-2024-11959 is a critical vulnerability located in the D-Link DIR-605L firmware version 2.13B01. This buffer overflow vulnerability arises from improper handling of the 'curTime' argument in the formResetStatistic function of the /goform/formResetStatistic file. An attacker can exploit this flaw remotely, potentially leading to unauthorized access and control over the affected device. The public disclosure of this exploit underlines the urgency in implementing mitigation strategies to safeguard network security. Users are advised to update their firmware or take necessary precautions to mitigate potential risks.",D-link,Dir-605l,8.8,HIGH,0.001500000013038516,false,,false,false,true,2024-11-28T14:31:05.000Z,true,false,false,,2024-11-28T14:31:05.705Z,0
CVE-2024-11048,https://securityvulnerability.io/vulnerability/CVE-2024-11048,Buffer Overflow Vulnerability in D-Link DI-8003 Router,"A critical buffer overflow vulnerability has been identified in the D-Link DI-8003 router, specifically within the dbsrv_asp function of the /dbsrv.asp file. This security flaw allows attackers to manipulate the 'str' argument, potentially leading to a stack-based buffer overflow. This remote exploit can be initiated without authentication, thereby posing a significant risk to users. The vulnerability has been publicly disclosed, making both the product and its users vulnerable to active exploitation. Immediate action is advised to protect against this significant security threat.",D-link,Di-8003,9.8,CRITICAL,0.0008699999889358878,false,,false,false,true,2024-11-10T04:00:10.000Z,true,false,false,,2024-11-10T04:00:10.367Z,0
CVE-2024-11047,https://securityvulnerability.io/vulnerability/CVE-2024-11047,Stack Buffer Overflow Vulnerability in D-Link DI-8003 Router,"The D-Link DI-8003 router, specifically firmware version 16.07.16A1, contains a critical vulnerability involving a stack-based buffer overflow in the upgrade_filter_asp function located in the /upgrade_filter.asp file. This vulnerability is triggered through improper handling of the 'path' argument, which can be exploited by remote attackers to execute arbitrary code or cause denial-of-service conditions. The vulnerability is publicly disclosed and poses significant risks due to its remote exploitability, underscoring the need for immediate attention and remediation by affected users.",D-link,Di-8003,9.8,CRITICAL,0.0008699999889358878,false,,false,false,true,2024-11-10T03:31:04.000Z,true,false,false,,2024-11-10T03:31:04.900Z,0
CVE-2024-11046,https://securityvulnerability.io/vulnerability/CVE-2024-11046,Command Injection Vulnerability in D-Link DI-8003 Router,"A serious command injection vulnerability has been identified in the D-Link DI-8003 router, specifically within the upgrade_filter_asp function found in the /upgrade_filter.asp file. By manipulating the 'path' argument, an attacker can potentially execute arbitrary operating system commands remotely. This security flaw exposes the device to significant security risks, making it crucial for users to address this vulnerability promptly. Publicly disclosed exploit techniques highlight the urgency of patching affected D-Link products to prevent unauthorized access and data breaches.",D-link,Di-8003,9.8,CRITICAL,0.0008900000248104334,false,,false,false,true,2024-11-10T03:00:10.000Z,true,false,false,,2024-11-10T03:00:10.737Z,0
CVE-2024-10914,https://securityvulnerability.io/vulnerability/CVE-2024-10914,D-Link Routers Vulnerable to OS Command Injection Attacks,"A vulnerability exists in D-Link network attached storage devices, including the DNS-320, DNS-320LW, DNS-325, and DNS-340L, which allows for OS command injection. This issue arises in the cgi_user_add function of the /cgi-bin/account_mgr.cgi interface, where improper handling of the 'name' argument can be exploited. The attack can be executed remotely, although the complexity of successfully exploiting this vulnerability is relatively high and requires advanced knowledge. Public disclosure of the exploit amplifies the risk, necessitating immediate attention to secure affected devices.",D-Link,Dns-320 Firmware,9.8,CRITICAL,0.16929000616073608,false,,true,false,true,2024-11-08T14:21:09.000Z,true,true,true,2024-11-11T06:52:01.862Z,2024-11-06T14:15:00.000Z,9109
CVE-2024-9915,https://securityvulnerability.io/vulnerability/CVE-2024-9915,Buffer Overflow Vulnerability in D-Link Router Software,"A serious buffer overflow vulnerability has been identified in the D-Link DIR-619L B1 router, specifically in the formVirtualServ function located in the /goform/formVirtualServ file. This flaw arises from improper handling of the curTime argument, allowing attackers to exploit the vulnerability remotely. The risk of exploitation is elevated due to the public disclosure of this vulnerability, and it could lead to unauthorized access or control over the affected device. Users and administrators are strongly encouraged to review security recommendations provided by D-Link and update their firmware to mitigate this critical security risk.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T17:31:04.000Z,true,false,false,,2024-10-13T18:31:04.848Z,0
CVE-2024-9914,https://securityvulnerability.io/vulnerability/CVE-2024-9914,Buffer Overflow Vulnerability in D-Link DIR-619L B1 2.06 Allows Remote Attack,"A buffer overflow vulnerability exists in the D-Link DIR-619L router's function formSetWizardSelectMode. This security flaw arises from improper handling of the curTime argument within the specified file, /goform/formSetWizardSelectMode. It allows attackers to exploit the buffer overflow remotely, potentially compromising the device's functionality and security. The exploit, which has been publicly disclosed, poses a significant risk to users of the affected D-Link DIR-619L model.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T17:00:06.000Z,true,false,false,,2024-10-13T18:00:06.971Z,0
CVE-2024-9913,https://securityvulnerability.io/vulnerability/CVE-2024-9913,Buffer Overflow Vulnerability in D-Link DIR-619L B1 2.06,"A security vulnerability has been identified in the D-Link DIR-619L B1 router, specifically in the formSetRoute function located in the /goform/formSetRoute file. The issue arises from inadequate input validation leading to a buffer overflow situation. An attacker can remotely manipulate the 'curTime' argument to exploit this flaw, which may compromise the device's integrity and security. The vulnerability has been publicly disclosed, rendering affected routers susceptible to potential attacks that could exploit this weakness.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T16:31:04.000Z,true,false,false,,2024-10-13T17:31:04.724Z,0
CVE-2024-9912,https://securityvulnerability.io/vulnerability/CVE-2024-9912,Buffer Overflow Vulnerability in D-Link DIR-619L B1 2.06,"A recently identified vulnerability in the D-Link DIR-619L B1 version 2.06 resides in the formSetQoS function within the file /goform/formSetQoS. This vulnerability allows for a buffer overflow through improper argument handling of the curTime parameter. The flaw can be exploited remotely, facilitating unauthorized access and potential manipulation of network settings. This publicly disclosed vulnerability poses a significant risk for users of this router, making it essential for affected individuals to implement remedial measures promptly.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T15:31:05.000Z,true,false,false,,2024-10-13T16:31:05.117Z,0
CVE-2024-9911,https://securityvulnerability.io/vulnerability/CVE-2024-9911,Buffer Overflow Vulnerability in D-Link DIR-619L B1 2.06 Could Allow Remote Exploitation,"A severe buffer overflow vulnerability exists in the D-Link DIR-619L B1 version 2.06, specifically within the formSetPortTr function located in the /goform/formSetPortTr file. An attacker can exploit this weakness by manipulating the curTime argument, which may result in unauthorized access and allow for potential remote attacks. The exploit has been publicly disclosed, heightening the security risk for users of this device. Mitigation strategies are highly recommended to safeguard against such vulnerabilities.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T15:00:07.000Z,true,false,false,,2024-10-13T16:00:07.222Z,0
CVE-2024-9910,https://securityvulnerability.io/vulnerability/CVE-2024-9910,Buffer Overflow Vulnerability in D-Link DIR-619L B1 2.06,"A vulnerability has been identified in the D-Link DIR-619L B1 router's firmware version 2.06 related to the function formSetPassword found in the file /goform/formSetPassword. The manipulation of the curTime argument can lead to a buffer overflow condition. This security flaw allows an attacker to execute a remote exploit, potentially compromising the device's integrity and security. The exploit has been publicly disclosed, which raises the urgency for affected users to apply necessary security measures.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T13:31:04.000Z,true,false,false,,2024-10-13T14:31:04.973Z,0
CVE-2024-9909,https://securityvulnerability.io/vulnerability/CVE-2024-9909,Buffer Overflow Vulnerability in DIR-619L B1 2.06 Could Lead to Remote Exploitation,"A vulnerability has been identified in the D-Link DIR-619L B1 router, specifically affecting the formSetMuti function located in the /goform/formSetMuti file. The issue arises when the curTime argument is manipulated, which can lead to a buffer overflow condition. This vulnerability allows remote attackers to potentially execute arbitrary code. Public awareness of the exploit has been raised, indicating the possibility of exploitation in the wild.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T13:00:07.000Z,true,false,false,,2024-10-13T14:00:07.160Z,0
CVE-2024-9908,https://securityvulnerability.io/vulnerability/CVE-2024-9908,Buffer Overflow Vulnerability in D-Link DIR-619L Router,"A significant buffer overflow vulnerability has been identified in the D-Link DIR-619L B1 router, specifically within the formSetMACFilter function located at /goform/formSetMACFilter. This security flaw occurs due to improper handling of the 'curTime' argument, which could allow an attacker to exploit this weakness and execute arbitrary code or disrupt router functionality. Public disclosure of this vulnerability has raised concerns, urging users to take immediate action to secure their devices. It is crucial for users of the affected D-Link DIR-619L B1 version 2.06 to apply security updates and mitigate potential risks associated with this vulnerability.",D-link,Dir-619l B1,8.8,HIGH,0.001990000018849969,false,,false,false,true,2024-10-13T11:00:06.000Z,true,false,false,,2024-10-13T12:00:06.936Z,0