Dlink

Dir-815 Firmware

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-25115

Exploit
  • EPSS 0.52%
  • Veröffentlicht 27.08.2025 21:24:23
  • Zuletzt bearbeitet 24.09.2025 18:03:34

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system comman...

8.8

CVE-2025-6328

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.06.2025 09:31:05
  • Zuletzt bearbeitet 11.07.2025 15:52:09

A vulnerability was found in D-Link DIR-815 1.01. It has been declared as critical. This vulnerability affects the function sub_403794 of the file hedwig.cgi. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely...

9.8

CVE-2024-22651

Exploit
  • EPSS 4.07%
  • Veröffentlicht 24.01.2024 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:56:32

There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04.

5.3

CVE-2024-0717

Exploit
  • EPSS 28.39%
  • Veröffentlicht 19.01.2024 16:15:11
  • Zuletzt bearbeitet 21.11.2024 08:47:12

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, D...

9.8

CVE-2023-51123

Exploit
  • EPSS 47.9%
  • Veröffentlicht 10.01.2024 22:15:50
  • Zuletzt bearbeitet 20.06.2025 16:15:25

An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgi_main function of the cgibin binary component.

7.5

CVE-2023-37758

  • EPSS 0.14%
  • Veröffentlicht 18.07.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:12:13

D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi.

6.1

CVE-2020-25786

Exploit
  • EPSS 0.68%
  • Veröffentlicht 19.09.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:18:46

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploi...

9.8

CVE-2018-10106

Exploit
  • EPSS 0.66%
  • Veröffentlicht 16.04.2018 09:58:09
  • Zuletzt bearbeitet 21.11.2024 03:40:50

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED...

6.1

CVE-2018-10107

Exploit
  • EPSS 0.29%
  • Veröffentlicht 16.04.2018 09:58:09
  • Zuletzt bearbeitet 21.11.2024 03:40:50

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php.

6.1

CVE-2018-10108

Exploit
  • EPSS 0.29%
  • Veröffentlicht 16.04.2018 09:58:09
  • Zuletzt bearbeitet 21.11.2024 03:40:50

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php.