Dlink

Dir-600 Firmware

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-15194

Exploit
  • EPSS 0.14%
  • Veröffentlicht 29.12.2025 15:32:09
  • Zuletzt bearbeitet 13.01.2026 21:11:47

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer...

9.8

CVE-2018-25115

Exploit
  • EPSS 1.64%
  • Veröffentlicht 27.08.2025 21:24:23
  • Zuletzt bearbeitet 24.09.2025 18:03:34

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system comman...

9.8

CVE-2013-10069

Exploit
  • EPSS 71.68%
  • Veröffentlicht 05.08.2025 20:01:04
  • Zuletzt bearbeitet 23.09.2025 18:37:48

The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attac...

9.8

CVE-2013-10048

Exploit
  • EPSS 59.84%
  • Veröffentlicht 01.08.2025 20:39:20
  • Zuletzt bearbeitet 23.09.2025 17:41:57

An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending spe...

9.8

CVE-2024-7357

Exploit
  • EPSS 1.07%
  • Veröffentlicht 01.08.2024 13:15:10
  • Zuletzt bearbeitet 16.07.2025 13:53:45

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated as critical. This issue affects the function soapcgi_main of the file /soap.cgi. The manipulation of the argument service leads to os command in...

9.8

CVE-2023-33625

Exploit
  • EPSS 89.18%
  • Veröffentlicht 12.06.2023 20:15:12
  • Zuletzt bearbeitet 21.11.2024 08:05:46

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.

9.8

CVE-2023-33626

Exploit
  • EPSS 1.67%
  • Veröffentlicht 12.06.2023 20:15:12
  • Zuletzt bearbeitet 21.11.2024 08:05:46

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary.

9.8

CVE-2013-7471

Exploit
  • EPSS 29.65%
  • Veröffentlicht 11.06.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:01:05

An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalCli...

8.8

CVE-2014-100005

Warnung Exploit
  • EPSS 40.76%
  • Veröffentlicht 13.01.2015 11:59:04
  • Zuletzt bearbeitet 22.10.2025 01:15:55

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or ...