CVE-2025-6158
- EPSS 0.09%
- Published 17.06.2025 03:31:05
- Last modified 16.07.2025 17:00:25
A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack ...
- EPSS 94.34%
- Published 27.09.2019 12:15:10
- Last modified 03.04.2025 19:51:22
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common i...
CVE-2019-13560
- EPSS 2.04%
- Published 11.07.2019 15:15:11
- Last modified 21.11.2024 04:25:10
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter.
- EPSS 21.43%
- Published 11.07.2019 15:15:11
- Last modified 21.11.2024 04:25:10
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter.
CVE-2019-13562
- EPSS 0.77%
- Published 11.07.2019 15:15:11
- Last modified 21.11.2024 04:25:10
D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter.
CVE-2019-13563
- EPSS 0.18%
- Published 11.07.2019 15:15:11
- Last modified 21.11.2024 04:25:10
D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console.