cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-57684,https://securityvulnerability.io/vulnerability/CVE-2024-57684,Access Control Flaw in D-Link 816 Router Firmware,"An access control issue in the D-Link 816A2 router firmware allows unauthenticated attackers to manipulate the DMZ (Demilitarized Zone) service settings. By exploiting this vulnerability through a specially crafted POST request, an attacker can gain unauthorized access to the device's configuration, potentially compromising the security of connected networks. This flaw underscores the importance of maintaining updated firmware and robust access controls to safeguard IoT devices.",D-Link,D-Link 816A2 Firmware,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57676,https://securityvulnerability.io/vulnerability/CVE-2024-57676,Access Control Issue in D-Link Router Allows Unauthenticated Network Configuration,"An access control flaw in D-Link's 816A2 firmware allows unauthenticated attackers to change the WLAN settings for both 2.4G and 5G networks. By sending a specially crafted POST request, attackers can manipulate crucial network configurations without needing any form of authentication.
This vulnerability could potentially expose sensitive network environments to unauthorized access and attacks, making it essential for users to ensure their firmware is up to date and to implement additional security measures.",D-Link,D-Link 816A2 Firmware,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57680,https://securityvulnerability.io/vulnerability/CVE-2024-57680,Access Control Flaw in D-Link 816 A2 Firmware,"An access control flaw in the form2PortriggerRule.cgi component of D-Link 816 A2 firmware allows unauthenticated attackers to manipulate the device’s port triggering settings through a specially crafted POST request. This vulnerability may facilitate unauthorized network access and compromise the device's security, potentially enabling further exploitation or manipulation of connected networks.",D-Link,D-Link 816 A2 Firmware,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57683,https://securityvulnerability.io/vulnerability/CVE-2024-57683,Access Control Issue in D-Link Router Products,"An access control vulnerability in the 'websURLFilterAddDel' component of D-Link 816A2 devices allows unauthenticated attackers to exploit the device settings. By sending a manipulated POST request, attackers can alter filter settings without proper authorization, posing significant risks to device security and network integrity.",D-Link,D-Link 816A2,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57679,https://securityvulnerability.io/vulnerability/CVE-2024-57679,Access Control Flaw in D-Link Router Models Enabling Unauthorized Configuration,"An access control issue in the form2RepeaterSetup.cgi component of D-Link 816A2 firmware allows unauthorized attackers to exploit the device's configuration.
By sending specially crafted POST requests, these attackers can manipulate the settings for both the 2.4G and 5G repeater services. This vulnerability presents a significant risk as it allows for unauthorized alterations, compromising the integrity and security of the device. Immediate attention is recommended for users to secure their routers against possible exploitation.",D-Link,D-Link 816A2 Firmware,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57677,https://securityvulnerability.io/vulnerability/CVE-2024-57677,Access Control Vulnerability in D-Link DIR-816 Router,"An access control issue in the form2Wan.cgi component of the D-Link DIR-816 router enables unauthenticated attackers to manipulate the WAN service settings through specially crafted POST requests. This vulnerability can lead to unauthorized control over the device's network configuration, potentially compromising the security of the network. Users of this router version are advised to apply security updates and implement proper security measures.",D-Link,DIR-816,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57678,https://securityvulnerability.io/vulnerability/CVE-2024-57678,Access Control Flaw in D-Link DIR-816 Wireless Router,"An access control vulnerability in the form2WlAc.cgi component of the D-Link DIR-816 wireless router enables unauthenticated attackers to modify the 2.4G and 5G MAC access control list. This can be achieved by sending a specially crafted POST request to the device, potentially allowing unauthorized access to the network.
It is crucial for users to update their firmware and review security settings to prevent exploitation of this vulnerability.",D-Link,DIR-816,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57681,https://securityvulnerability.io/vulnerability/CVE-2024-57681,Access Control Issues in D-Link 816A2 Firmware,"An access control vulnerability exists in the D-Link 816A2 device's firmware, specifically in the form2alg.cgi component. This flaw allows unauthenticated users to manipulate the agl service of the device by sending specially crafted POST requests. If successfully exploited, this could lead to unauthorized changes to device settings and compromise the security of the network it’s connected to. It is crucial for users to apply the necessary patches and follow security best practices to mitigate the risks associated with this vulnerability.",D-Link,D-Link 816A2 Firmware,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2024-57682,https://securityvulnerability.io/vulnerability/CVE-2024-57682,Information Disclosure Vulnerability in D-Link 816A2 Firmware,"An information disclosure vulnerability exists in the d_status.asp component of the D-Link 816A2 firmware, allowing unauthorized attackers to glean sensitive information. This vulnerability is exploited through a specially crafted POST request, posing risks to users who may unknowingly expose critical data.
It is crucial for users of the affected firmware to implement necessary safeguards and monitor for updates that mitigate this type of exploitation.",D-Link,D-Link 816A2 Firmware,,,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-16T00:00:00.000Z,0
CVE-2025-0492,https://securityvulnerability.io/vulnerability/CVE-2025-0492,Null Pointer Dereference in D-Link DIR-823X,"A vulnerability exists in the D-Link DIR-823X models 240126 and 240802 due to improper handling of a function resulting in a null pointer dereference. This flaw allows remote attackers to exploit the device, potentially leading to a denial of service. Awareness of this vulnerability is crucial as it has been publicly disclosed, increasing the risk of exploitation.",D-link,Dir-823x,8.7,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-15T22:00:17.134Z,0
CVE-2025-0481,https://securityvulnerability.io/vulnerability/CVE-2025-0481,Information Disclosure Vulnerability in D-Link DIR-878 Router,"A vulnerability has been identified in the D-Link DIR-878 router version 1.03, specifically within the file /dllog.cgi of the HTTP POST Request Handler. This issue allows attackers to exploit improper access controls to gain unauthorized access to sensitive information remotely. The flaw can potentially expose critical data, leading to privacy concerns. The exploitation of this vulnerability has been publicly disclosed, warning users to take precautionary measures to safeguard their networks.",D-link,Dir-878,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-15T19:00:13.869Z,0
CVE-2025-22968,https://securityvulnerability.io/vulnerability/CVE-2025-22968,Remote Code Execution Vulnerability in D-Link DWR-M972V,"D-Link DWR-M972V 1.05SSG suffers from a vulnerability that allows remote attackers to execute arbitrary commands via SSH.
This issue enables attackers to access and manipulate the device's operations using the root account without authentication or restrictions, posing a significant risk to device integrity and network security. It is crucial for users to promptly apply any available security updates to mitigate potential exploitation.",D-Link,DWR-M972V,9.8,CRITICAL,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-15T00:00:00.000Z,0
CVE-2024-13108,https://securityvulnerability.io/vulnerability/CVE-2024-13108,Improper Access Control in D-Link DIR-816 A2 Router,"A vulnerability exists in the D-Link DIR-816 A2 router that affects the handling of access controls in the file /goform/form2NetSniper.cgi. This issue can be exploited remotely, potentially allowing unauthorized access to sensitive functions. The flaw has been publicly disclosed, raising concerns regarding its exploitation. Users of the affected version, 1.10CNB05_R1B011D88210, should take immediate action to secure their devices against potential threats stemming from this vulnerability.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T12:31:05.759Z,0
CVE-2024-13107,https://securityvulnerability.io/vulnerability/CVE-2024-13107,Improper Access Control in D-Link DIR-816 Router,"A vulnerability has been identified in the D-Link DIR-816 A2 router that allows for the potential exploitation of access controls through the component ACL Handler, particularly the file /goform/form2LocalAclEditcfg.cgi. This vulnerability could permit unauthorized remote access, compromising the integrity and security of the device. An exploit has been publicly disclosed, raising awareness about the possible risks involved.
Users are encouraged to review their configurations and apply necessary security measures to safeguard their networks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T12:00:17.338Z,0
CVE-2024-13106,https://securityvulnerability.io/vulnerability/CVE-2024-13106,Access Control Vulnerability in D-Link Router DIR-816 A2,"A serious security vulnerability has been identified in the D-Link DIR-816 A2 router, specifically in the IP QoS handler's file at /goform/form2IPQoSTcAdd. This flaw allows unauthorized access due to improper access control mechanisms. Attackers can exploit this vulnerability remotely, potentially compromising sensitive functionalities of the router. With the exploit disclosed in the public domain, the affected user base is urged to apply necessary mitigations promptly to safeguard their networks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T11:31:05.262Z,0
CVE-2024-13105,https://securityvulnerability.io/vulnerability/CVE-2024-13105,Improper Access Control in D-Link DIR-816 A2 Device,"A vulnerability exists in the D-Link DIR-816 A2 that allows for improper access controls in the file '/goform/form2Dhcpd.cgi' found within the DHCPD Setting Handler. This flaw may allow remote attackers to manipulate access and exploit the device's functionality. The issue has been publicly disclosed, which raises concerns regarding potential exploitation by malicious entities.
Users of the affected product are advised to implement appropriate security measures to mitigate risks.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T11:00:15.898Z,0
CVE-2024-13104,https://securityvulnerability.io/vulnerability/CVE-2024-13104,Access Control Vulnerability in D-Link DIR-816 A2 Wi-Fi Router,"A significant vulnerability in the D-Link DIR-816 A2 allows attackers to exploit improper access controls within the WiFi Settings Handler. The affected component is a function within the file /goform/form2AdvanceSetup.cgi. This vulnerability can be exploited remotely, enabling unauthorized access that could compromise network integrity. With the exploit publicly disclosed, it is crucial for users to take immediate actions to secure their devices against potential malware and unauthorized access.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T10:31:05.831Z,0
CVE-2024-13103,https://securityvulnerability.io/vulnerability/CVE-2024-13103,Improper Access Control in D-Link DIR-816 A2 Router,"A security vulnerability has been identified in the D-Link DIR-816 A2 router, specifically within the Virtual Service Handler component. This vulnerability involves improper access controls related to the processing of the /goform/form2AddVrtsrv.cgi file. As a result, unauthorized individuals may execute remote attacks, potentially compromising the integrity of the device.
The publicly disclosed nature of the exploit increases the urgency for users to review their security configurations and apply necessary mitigations.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T10:00:19.082Z,0
CVE-2024-13102,https://securityvulnerability.io/vulnerability/CVE-2024-13102,Improper Access Control in D-Link DIR-816 A2 DDNS Service,"A vulnerability impacting the D-Link DIR-816 A2's DDNS Service has been identified, leading to improper access controls. This security flaw allows remote attackers to manipulate the affected code located in the /goform/DDNS file, potentially resulting in unauthorized access. Given that the vulnerability has been publicly disclosed, stakeholders should prioritize assessing and mitigating the risk associated with this issue to prevent any potential exploitation.",D-link,Dir-816 A2,6.9,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2025-01-02T09:31:05.191Z,0
CVE-2024-13030,https://securityvulnerability.io/vulnerability/CVE-2024-13030,Improper Access Controls in D-Link DIR-823G Web Management Interface,"The D-Link DIR-823G router has a vulnerability within its web management interface, specifically concerning multiple settings functions, including SetAutoRebootSettings, SetClientInfo, SetDMZSettings, SetFirewallSettings, SetParentsControlInfo, SetQoSSettings, and SetVirtualServerSettings. This vulnerability arises due to improper access controls in the /HNAP1/ component, enabling remote attackers to exploit the flaw without local access.
A successful attack may allow unauthorized manipulation of critical network settings, potentially compromising the integrity and security of the network.",D-link,Dir-823g,6.9,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2024-12-30T01:15:00.000Z,0
CVE-2024-37605,https://securityvulnerability.io/vulnerability/CVE-2024-37605,Denial of Service Vulnerability in D-Link DIR-860L Router,"A NULL pointer dereference vulnerability in the D-Link DIR-860L router under firmware version REVB_FIRMWARE_2.04.B04_ic5b allows an attacker to exploit the device through a specially crafted HTTP request, potentially leading to a Denial of Service (DoS). This vulnerability could disrupt normal operations, making the router unresponsive and affecting network connectivity for all users. It is crucial for administrators to apply relevant patches or updates to safeguard against this security issue.",D-Link,DIR-860L,,,0.00044999999227002263,false,false,false,false,,false,false,2024-12-17T15:15:00.000Z,0
CVE-2024-37607,https://securityvulnerability.io/vulnerability/CVE-2024-37607,Buffer Overflow Vulnerability in D-Link DAP-2555 Firmware,"A buffer overflow vulnerability in the D-Link DAP-2555 REVA_FIRMWARE_1.20 enables remote attackers to craft specific HTTP requests, leading to potential Denial of Service (DoS). This flaw may allow an unauthorized user to disrupt the normal operation of the device, potentially affecting network services.",D-Link,DAP-2555,,,0.00044999999227002263,false,false,false,false,,false,false,2024-12-17T15:15:00.000Z,0
CVE-2024-37606,https://securityvulnerability.io/vulnerability/CVE-2024-37606,Stack Overflow Vulnerability in D-Link DCS-932L Security Camera,"A stack overflow vulnerability has been identified in the D-Link DCS-932L security camera, specifically in the REVB_FIRMWARE_2.18.01 version.
This vulnerability allows attackers to issue specially crafted HTTP requests that can result in a Denial of Service (DoS), potentially disrupting the functionality of the affected device. This risk underscores the importance of keeping device firmware up to date to mitigate such vulnerabilities.",D-Link,DCS-932L,,,0.00044999999227002263,false,false,false,false,,false,false,2024-12-17T15:15:00.000Z,0
CVE-2024-36831,https://securityvulnerability.io/vulnerability/CVE-2024-36831,Remote Denial of Service Vulnerability in D-Link DAP-1520,"CVE-2024-36831 is a critical vulnerability in D-Link's DAP-1520 device, specifically found in the plugins_call_handle_uri_clean function. This weakness allows unauthenticated attackers to exploit a NULL pointer dereference, leading to a remote Denial of Service (DoS). An attacker can trigger this vulnerability by sending specially crafted HTTP requests, which may result in the device becoming unresponsive. Users of the affected firmware version are strongly advised to apply security patches and monitor for unusual traffic to mitigate potential exploits.",D-Link,,,,0.00044999999227002263,false,false,false,false,,false,false,2024-12-17T00:00:00.000Z,0
CVE-2024-36832,https://securityvulnerability.io/vulnerability/CVE-2024-36832,D-Link DAP-1513 Firmware Vulnerability Leading to Service Disruption,"CVE-2024-36832 identifies a severe vulnerability within the firmware of the D-Link DAP-1513 access point. Specifically, a NULL pointer dereference in the /bin/webs binary allows unauthenticated attackers to exploit the device by sending a crafted HTTP request. Upon receipt of such a request, the device's web service crashes and subsequently leads to a denial of service (DoS) condition, impacting the availability of the device and potentially the network it supports.
This vulnerability highlights the critical need for timely firmware updates and robust network security measures to mitigate potential risks.",D-Link,,,,0.00044999999227002263,false,false,false,false,,false,false,2024-12-17T00:00:00.000Z,0