cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-1539,https://securityvulnerability.io/vulnerability/CVE-2025-1539,Stack-based Buffer Overflow Vulnerability in D-Link DAP-1320 Products,"A security vulnerability has been identified in D-Link DAP-1320 version 1.00, specifically within the function replace_special_char in the file /storagein.pd-XXXXXX. This flaw allows for a stack-based buffer overflow, which can be exploited remotely by attackers. Notably, this vulnerability affects devices that are no longer supported by D-Link, further emphasizing the significance of maintaining updated and secure products. The exploit method has already been disclosed, raising concerns for users of the affected devices. It is crucial for D-Link DAP-1320 users to be aware of potential threats and take necessary precautions to safeguard their network.",D-link,Dap-1320,8.7,HIGH,0.01,false,,false,false,true,2025-02-21T15:00:14.000Z,true,false,false,,2025-02-21T15:00:14.905Z,0
CVE-2025-1538,https://securityvulnerability.io/vulnerability/CVE-2025-1538,Heap-based Buffer Overflow in D-Link DAP-1320 Vulnerable Function,"A significant vulnerability has been identified in the D-Link DAP-1320 version 1.00, specifically within the set_ws_action function of the /dws/api/ file. This flaw results in a heap-based buffer overflow, which could be exploited remotely, potentially allowing attackers to manipulate system behavior or gain unauthorized access. This vulnerability primarily affects devices that are no longer supported by D-Link, making it critical for users to assess their risk and consider necessary mitigations.",D-link,Dap-1320,8.7,HIGH,0.01,false,,false,false,true,2025-02-21T15:00:08.000Z,true,false,false,,2025-02-21T15:00:08.968Z,0
CVE-2024-57045,https://securityvulnerability.io/vulnerability/CVE-2024-57045,D-Link DIR-859 Router Authentication Bypass Vulnerability,"A vulnerability exists in the D-Link DIR-859 router, where an attacker can bypass authentication mechanisms due to insufficient access controls. By sending a forged POST request to the /getcfg.php endpoint, unauthorized individuals can gain access to sensitive user credentials, including usernames and passwords. This flaw poses a significant risk for users, allowing potential intruders to exploit the router's configuration and compromise the network's security.",D-Link,DIR-859 Router,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25891,https://securityvulnerability.io/vulnerability/CVE-2025-25891,Buffer Overflow Vulnerability in D-Link DSL-3782 Router,"A buffer overflow vulnerability has been identified in the D-Link DSL-3782 router, specifically in version 1.01. This vulnerability can be triggered by improperly formatted destination, netmask, and gateway parameters, allowing malicious actors to send crafted packets. Exploitation of this flaw could lead to a Denial of Service (DoS) scenario, disrupting network services and rendering the device inoperable. It is imperative for users to assess their devices and apply necessary security updates to mitigate potential risks.",D-Link,DSL-3782,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25892,https://securityvulnerability.io/vulnerability/CVE-2025-25892,Buffer Overflow in D-Link DSL Router Products,"A buffer overflow vulnerability has been detected in D-Link DSL-3782 v1.01 that exploits multiple parameters including sstartip, sendip, dstartip, and dendip. This vulnerability can be manipulated by attackers to send specially crafted packets, which may lead to a Denial of Service (DoS), disrupting device functionality and network services.",D-Link,D-Link DSL-3782,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25896,https://securityvulnerability.io/vulnerability/CVE-2025-25896,Buffer Overflow Vulnerability in D-Link DSL-3782,"A buffer overflow vulnerability in D-Link's DSL-3782 version 1.01 was identified, which can be exploited through the manipulation of the destination, netmask, and gateway parameters. Attackers can craft specific packets that may lead to a Denial of Service (DoS), effectively disrupting network services.",D-Link,DSL-3782,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25893,https://securityvulnerability.io/vulnerability/CVE-2025-25893,OS Command Injection in D-Link DSL-3782 by D-Link,"An OS command injection vulnerability exists in the D-Link DSL-3782 router, allowing malicious actors to execute arbitrary OS commands through specially crafted packets. Exploiting this vulnerability involves manipulating parameters such as inIP, insPort, inePort, exsPort, exePort, and protocol, potentially leading to unauthorized system access and control. Proper security measures should be implemented to protect against potential exploitation.",D-Link,DSL-3782,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25895,https://securityvulnerability.io/vulnerability/CVE-2025-25895,OS Command Injection Vulnerability in D-Link DSL-3782 Router,"An OS command injection vulnerability exists in the D-Link DSL-3782 router, specifically through the manipulation of the public_type parameter. This flaw enables attackers to execute arbitrary operating system commands by sending specially crafted packets, potentially leading to unauthorized access and control over the device. Mitigating this risk is crucial to maintaining the security and integrity of network operations.",D-Link,DSL-3782,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-25894,https://securityvulnerability.io/vulnerability/CVE-2025-25894,OS Command Injection Vulnerability in D-Link DSL-3782 Router,"An OS command injection vulnerability has been identified in the D-Link DSL-3782 router (version 1.01). This flaw arises when user-supplied parameters, such as samba_wg and samba_nbn, are improperly validated, allowing attackers to send specially crafted packets that execute arbitrary system commands on the device. Exploiting this vulnerability could enable unauthorized access to sensitive system functionalities, posing significant security risks.",D-Link,DSL-3782,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-18T00:00:00.000Z,0
CVE-2025-1392,https://securityvulnerability.io/vulnerability/CVE-2025-1392,Cross Site Scripting Vulnerability in D-Link DIR-816 by D-Link,"A vulnerability exists in the D-Link DIR-816 router, specifically in the functionality accessed through /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. By manipulating the SSID argument, an attacker can execute cross site scripting attacks remotely. This vulnerability affects devices that are no longer supported by D-Link, allowing potential exploitation due to its public disclosure.",D-link,Dir-816,5.1,MEDIUM,0.0006799999973736703,false,,false,false,false,,false,false,false,,2025-02-17T15:31:04.473Z,0
CVE-2025-25740,https://securityvulnerability.io/vulnerability/CVE-2025-25740,Stack-Based Buffer Overflow Vulnerability in D-Link DIR-853 Router,"The D-Link DIR-853 router has been identified to have a stack-based buffer overflow vulnerability that can be exploited through the PSK parameter in the SetQuickVPNSettings module. This flaw could potentially allow unauthorized users to execute arbitrary code, compromising the integrity and security of the device. Users of DIR-853 A1 FW1.20B07 should be aware of this vulnerability and consider immediate updates or mitigations.",D-Link,DIR-853,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-14T00:00:00.000Z,0
CVE-2025-25745,https://securityvulnerability.io/vulnerability/CVE-2025-25745,Stack-based Buffer Overflow in D-Link DIR-853 A1,"The D-Link DIR-853 A1 with Firmware 1.20B07 is susceptible to a stack-based buffer overflow vulnerability in the SetQuickVPNSettings module, specifically triggered by the Password parameter. This weakness may allow an attacker to execute arbitrary code by exploiting this flaw, potentially compromising the device's integrity and the security of connected networks.",D-Link,DIR-853 A1,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-14T00:00:00.000Z,0
CVE-2025-25744,https://securityvulnerability.io/vulnerability/CVE-2025-25744,Stack-Based Buffer Overflow in D-Link DIR-853 Router,"The D-Link DIR-853 A1 FW1.20B07 is susceptible to a stack-based buffer overflow vulnerability that can be exploited through the Password parameter in the SetDynamicDNSSettings module. This flaw allows attackers to potentially execute arbitrary code, gaining unauthorized access or control over the router, which can lead to further exploitation of the network.",D-Link,DIR-853,9.8,CRITICAL,0.0010000000474974513,false,,false,false,false,,false,false,false,,2025-02-12T00:00:00.000Z,0
CVE-2025-25741,https://securityvulnerability.io/vulnerability/CVE-2025-25741,Stack-Based Buffer Overflow in D-Link DIR-853 A1 by D-Link,"The D-Link DIR-853 A1 router, specifically version FW1.20B07, has been found to be susceptible to a stack-based buffer overflow. This vulnerability can be exploited through the IPv6_PppoePassword parameter within the SetIPv6PppoeSettings module, potentially allowing unauthorized access or control over the affected device, leading to significant security risks.",D-Link,DIR-853 A1,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:00:00.000Z,0
CVE-2025-25742,https://securityvulnerability.io/vulnerability/CVE-2025-25742,Buffer Overflow Vulnerability in D-Link DIR-853 A1 Router,"The D-Link DIR-853 A1 router has been found to contain a stack-based buffer overflow vulnerability. This issue arises through improper handling of the AccountPassword parameter in the SetSysEmailSettings module. An attacker could exploit this vulnerability to inject malicious code, potentially compromising the device's integrity and security. Users are advised to monitor their devices and apply any available security patches to mitigate the risk of exploitation through this vulnerability.",D-Link,DIR-853 A1 Router,9.8,CRITICAL,0.0010000000474974513,false,,false,false,false,,false,false,false,,2025-02-12T00:00:00.000Z,0
CVE-2025-25743,https://securityvulnerability.io/vulnerability/CVE-2025-25743,Command Injection Vulnerability in D-Link DIR-853 A1 Router,"A command injection vulnerability exists in the SetVirtualServerSettings module of the D-Link DIR-853 A1 router, specifically in firmware version FW1.20B07. This flaw allows an attacker to craft and send malicious commands to the affected router, potentially gaining unauthorized access to sensitive configurations and control of the device. Exploitation of this vulnerability could lead to significant security risks, including unauthorized network access and manipulation of router settings.",D-Link,DIR-853 A1 Router,7.2,HIGH,0.0004900000058114529,false,,false,false,false,,false,false,false,,2025-02-12T00:00:00.000Z,0
CVE-2025-25746,https://securityvulnerability.io/vulnerability/CVE-2025-25746,Stack-Based Buffer Overflow Vulnerability in D-Link DIR-853 Router,"The D-Link DIR-853 A1 router with firmware version 1.20B07 is susceptible to a stack-based buffer overflow vulnerability within its SetWanSettings module. This issue arises due to improper handling of the Password parameter, potentially allowing an attacker to execute arbitrary code or disrupt service. Users are strongly encouraged to implement security measures and update their device firmware to mitigate the risks associated with this vulnerability.",D-Link,DIR-853,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:00:00.000Z,0
CVE-2025-1104,https://securityvulnerability.io/vulnerability/CVE-2025-1104,Authentication Bypass Vulnerability in D-Link DHP-W310AV by D-Link,"A vulnerability discovered in the D-Link DHP-W310AV 1.04 model allows attackers to bypass authentication through spoofing techniques. This flaw can be exploited remotely, enabling unauthorized users to gain access to sensitive functionalities without needing valid credentials. The implications of this vulnerability are significant, as attackers can potentially manipulate the device, leading to unauthorized actions that compromise the security of the network. Users of the D-Link DHP-W310AV are urged to apply the necessary security patches and monitor their systems for any suspicious activity.",D-link,DHP-w310av,6.9,MEDIUM,0.0005499999970197678,false,,false,false,true,2025-02-07T16:31:04.000Z,true,false,false,,2025-02-07T16:31:04.664Z,0
CVE-2025-1103,https://securityvulnerability.io/vulnerability/CVE-2025-1103,Null Pointer Dereference in D-Link DIR-823X Router,"A problematic vulnerability has been identified in D-Link DIR-823X routers, specifically in the set_wifi_blacklists function within the HTTP POST Request Handler. This weakness arises when the macList argument is manipulated, potentially leading to a null pointer dereference. Attackers can exploit this issue remotely, requiring no authentication. The details of this vulnerability have been publicly disclosed, raising concerns about the security of affected devices.",D-link,Dir-823x,7.1,HIGH,0.00044999999227002263,false,,false,false,true,2025-02-07T15:00:10.000Z,true,false,false,,2025-02-07T15:00:10.453Z,0
CVE-2024-57376,https://securityvulnerability.io/vulnerability/CVE-2024-57376,Buffer Overflow Vulnerability in D-Link DSR Series Routers,"The D-Link DSR series routers, specifically models DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, and DSR-1000N, contain a buffer overflow vulnerability. This flaw affects firmware versions 3.13 to 3.17B901C, enabling unauthenticated users to execute arbitrary code remotely. This vulnerability highlights the critical importance of maintaining up-to-date firmware to protect network devices from unauthorized access and potential exploitation.",D-Link,DSR Series Routers,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T00:00:00.000Z,79
CVE-2024-56914,https://securityvulnerability.io/vulnerability/CVE-2024-56914,Buffer Overflow in D-Link DSL-3782 Parental Control Interface,"The D-Link DSL-3782 version 1.01 contains a buffer overflow vulnerability in the Parental Control configuration interface. This flaw allows attackers to exploit the affected product, potentially leading to arbitrary code execution on the device. Proper validation and handling of input data are essential to prevent unauthorized access and manipulation of the router's functionalities.",D-Link,D-Link DSL-3782,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-22T00:00:00.000Z,0
CVE-2024-57679,https://securityvulnerability.io/vulnerability/CVE-2024-57679,Access Control Flaw in D-Link Router Models Enabling Unauthorized Configuration,"An access control issue in the form2RepeaterSetup.cgi component of D-Link 816A2 firmware allows unauthorized attackers to exploit the device's configuration. By sending specially crafted POST requests, these attackers can manipulate the settings for both the 2.4G and 5G repeater services. This vulnerability presents a significant risk as it allows for unauthorized alterations, compromising the integrity and security of the device. Immediate attention is recommended for users to secure their routers against possible exploitation.",D-Link,D-Link 816A2 Firmware,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-16T00:00:00.000Z,0
CVE-2024-57682,https://securityvulnerability.io/vulnerability/CVE-2024-57682,Information Disclosure Vulnerability in D-Link 816A2 Firmware,"An information disclosure vulnerability exists in the d_status.asp component of the D-Link 816A2 firmware, allowing unauthorized attackers to glean sensitive information. This vulnerability is exploited through a specially crafted POST request, posing risks to users who may unknowingly expose critical data. It is crucial for users of the affected firmware to implement necessary safeguards and monitor for updates that mitigate this type of exploitation.",D-Link,D-Link 816A2 Firmware,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-16T00:00:00.000Z,0
CVE-2024-57680,https://securityvulnerability.io/vulnerability/CVE-2024-57680,Access Control Flaw in D-Link 816 A2 Firmware,"An access control flaw in the form2PortriggerRule.cgi component of D-Link 816 A2 firmware allows unauthenticated attackers to manipulate the device’s port triggering settings through a specially crafted POST request. This vulnerability may facilitate unauthorized network access and compromise the device's security, potentially enabling further exploitation or manipulation of connected networks.",D-Link,D-Link 816 A2 Firmware,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-16T00:00:00.000Z,0
CVE-2024-57677,https://securityvulnerability.io/vulnerability/CVE-2024-57677,Access Control Vulnerability in D-Link DIR-816 Router,"An access control issue in the form2Wan.cgi component of the D-Link DIR-816 router enables unauthenticated attackers to manipulate the WAN service settings through specially crafted POST requests. This vulnerability can lead to unauthorized control over the device's network configuration, potentially compromising the security of the network. Users of this router version are advised to apply security updates and implement proper security measures.",D-Link,DIR-816,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-16T00:00:00.000Z,0