D-Link


Products by D-Link Sorted by Most Security Vulnerabilities since 2018

D-Link Dap 2622 Firmware: 54 vulnerabilities
D-Link Dir 619l Firmware: 44 vulnerabilities
D-Link Dir 605l Firmware: 41 vulnerabilities
D-Link Dap 1325 Firmware: 36 vulnerabilities
D-Link Dir 816 Firmware: 33 vulnerabilities
D-Link Dir 823g Firmware: 29 vulnerabilities
D-Link Dir X3260 Firmware: 23 vulnerabilities
D-Link G416 Firmware: 21 vulnerabilities
D-Link D View 8: 17 vulnerabilities
D-Link Di 8100 Firmware: 17 vulnerabilities
D-Link Dir 3040 Firmware: 17 vulnerabilities
D-Link Dar 7000 Firmware: 14 vulnerabilities
D-Link Dwr M920: 14 vulnerabilities
D-Link Di 7003g Firmware: 12 vulnerabilities
D-Link Go Rt Ac750 Firmware: 11 vulnerabilities
D-Link Dir 882 A1 Firmware: 10 vulnerabilities
D-Link Dir 878 Firmware: 10 vulnerabilities
D-Link Dir 2150 Firmware: 10 vulnerabilities
D-Link Dsl 3782 Firmware: 9 vulnerabilities
D-Link Dir 600l Firmware: 9 vulnerabilities
D-Link Dir 823x Firmware: 9 vulnerabilities
D-Link Dir 2640 Firmware: 8 vulnerabilities
D-Link Dir 822k: 8 vulnerabilities
D-Link Dcs 932l Firmware: 7 vulnerabilities
D-Link Di 8003 Firmware: 7 vulnerabilities
D-Link Dsl6740c Firmware: 7 vulnerabilities
D-Link Dir 853 Firmware: 7 vulnerabilities
D-Link Dcs 8300lhv2 Firmware: 6 vulnerabilities
D-Link Dir 513 Firmware: 6 vulnerabilities
D-Link Dir 820l Firmware: 6 vulnerabilities
D-Link Dir 822 Firmware: 6 vulnerabilities
D-Link Dir 825 Firmware: 6 vulnerabilities
D-Link Dir 845l Firmware: 6 vulnerabilities
D-Link Dir 846 Firmware: 6 vulnerabilities
D-Link Dir 882 Firmware: 5 vulnerabilities
D-Link Dir 816 A2 Firmware: 5 vulnerabilities
D-Link Dwl 6610ap Firmware: 5 vulnerabilities
D-Link Nuclias Connect: 4 vulnerabilities
D-Link Dap 1520 Firmware: 4 vulnerabilities
D-Link Dap 1620 Firmware: 4 vulnerabilities
D-Link Di 8100g Firmware: 4 vulnerabilities
D-Link Di 8200 Firmware: 4 vulnerabilities
D-Link Dir 600: 4 vulnerabilities
D-Link Dir 868l Firmware: 4 vulnerabilities
D-Link Dns 320 Firmware: 4 vulnerabilities
D-Link Dir 645 Firmware: 4 vulnerabilities
D-Link Dir 846w Firmware: 4 vulnerabilities
D-Link Dap 2695 Firmware: 3 vulnerabilities
D-Link Dar 8000 Firmware: 3 vulnerabilities
D-Link Dwr 2000m Firmware: 3 vulnerabilities
D-Link Dir X4860 Firmware: 3 vulnerabilities
D-Link Di 7300g Firmware: 3 vulnerabilities
D-Link Dir 100: 3 vulnerabilities
D-Link Dwr M921: 3 vulnerabilities
D-Link Dir 890l Firmware: 3 vulnerabilities
D-Link Dir 600 Firmware: 3 vulnerabilities
D-Link Dir 632 Firmware: 3 vulnerabilities
D-Link Dir 815 Firmware: 3 vulnerabilities
D-Link Dir 816l: 3 vulnerabilities
D-Link Dir 860l Firmware: 3 vulnerabilities
D-Link Dir 825m: 3 vulnerabilities
D-Link Dap 1320 Firmware: 2 vulnerabilities
D-Link Dns 325 Firmware: 2 vulnerabilities
D-Link Dap 1562 Firmware: 2 vulnerabilities
D-Link Dap 2695: 2 vulnerabilities
D-Link Dsl 6740c Firmware: 2 vulnerabilities
D-Link Dcs 960l Firmware: 2 vulnerabilities
D-Link Dhp W310av Firmware: 2 vulnerabilities
D-Link Dns 340l Firmware: 2 vulnerabilities
D-Link Dns 320l Firmware: 2 vulnerabilities
D-Link Di 8004w Firmware: 2 vulnerabilities
D-Link Di 8300 Firmware: 2 vulnerabilities
D-Link Di 8400 Firmware: 2 vulnerabilities
D-Link Dwr M960: 2 vulnerabilities
D-Link Dir 300 Firmware: 2 vulnerabilities
D-Link Dir 610 Firmware: 2 vulnerabilities
D-Link Dns 327l Firmware: 2 vulnerabilities
D-Link Dir878 Firmware: 2 vulnerabilities
D-Link Dir 645: 2 vulnerabilities
D-Link Dir 867 Firmware: 2 vulnerabilities
D-Link Dsl 2750u Firmware: 2 vulnerabilities
D-Link Dsl 225 Firmware: 2 vulnerabilities
D-Link Dwl 2600ap Firmware: 2 vulnerabilities
D-Link Dsp W215 Firmware: 2 vulnerabilities
D-Link Dsl 224 Firmware: 2 vulnerabilities
D-Link Dir 859 Firmware: 2 vulnerabilities
D-Link Dir 832x Firmware: 2 vulnerabilities
D-Link Dir 842v2 Firmware: 2 vulnerabilities
D-Link Dcs 7517 Firmware: 1 vulnerability
D-Link Dcs 930l Firmware: 1 vulnerability
D-Link Di 500wf Firmware: 1 vulnerability
D-Link Dir 1260 Firmware: 1 vulnerability
D-Link Dir 1960 Firmware: 1 vulnerability

By the Year

In 2026 there have been 2 vulnerabilities in D-Link with an average score of 6.3 out of ten. Last year, in 2025, D-Link had 239 security vulnerabilities published. Right now, D-Link is on track to have fewer security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 1.85.




Year Vulnerabilities Average Score
2026 2 6.30
2025 239 8.15
2024 347 8.49
2023 85 9.01
2022 39 9.05
2021 10 8.60
2020 5 7.76
2019 7 8.67
2018 5 7.56

It may take a day or so for new D-Link vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent D-Link Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-0732 Jan 08, 2026
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVE-2026-0625 Jan 05, 2026
Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device's DNS settings without valid credentials, enabling DNS hijacking (DNSChanger) attacks that redirect user traffic to attacker-controlled infrastructure. In 2019, D-Link reported that this behavior was leveraged by the "GhostDNS" malware ecosystem targeting consumer and carrier routers. All impacted products were subsequently designated end-of-life/end-of-service, and no longer receive security updates. Exploitation evidence was observed by the Shadowserver Foundation on 2025-11-27 (UTC).
Dir 600
CVE-2025-15391 Dec 31, 2025
A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-15357 Dec 30, 2025
A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used.
CVE-2025-15245 Dec 30, 2025
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-15194 Dec 29, 2025
A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Dir 600
CVE-2025-15193 Dec 29, 2025
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Dwr M920
CVE-2025-15192 Dec 29, 2025
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Dwr M920
CVE-2025-15191 Dec 29, 2025
A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fota_url causes command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Dwr M920
CVE-2025-15190 Dec 29, 2025
A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub_42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
Dwr M920
CVE-2025-15189 Dec 29, 2025
A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function sub_464794 of the file /boafrm/formDefRoute. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
Dwr M920
CVE-2023-53974 Dec 22, 2025
Config File Disclosure in D-Link DSL-124 ME_1.00 via POST
D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing sensitive network credentials and system configurations.
CVE-2025-14884 Dec 18, 2025
DIR-605 Firmware Update Service Command Injection Remote
A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-53896 Dec 16, 2025
Unauthenticated config download via Broken access control in D-Link DAP-1325 1.01
D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-bin/ExportSettings.sh endpoint to retrieve sensitive configuration information by directly accessing the export settings script.
CVE-2025-14659 Dec 14, 2025
Command Injection in D-Link DIR-860LB1/868LB1 DHCP Daemon (CVE-2025-14659)
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
CVE-2025-14528 Dec 11, 2025
CVE-2025-14528: DIR-803 <=1.04 Info Disclosure via /getcfg.php AUTHORIZED_GROUP
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZED_GROUP results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-13607 Dec 10, 2025
Unauth Access to Camera Config via Vulnerable URL
A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL.
CVE-2025-14225 Dec 08, 2025
D-Link DCS-930L 1.15.04 Command Injection via alphapd/AdminID
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-14208 Dec 08, 2025
D-Link DIR-823X Command Injection via ppp_username
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub_415028 of the file /goform/set_wan_settings. The manipulation of the argument ppp_username results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
CVE-2025-13562 Nov 23, 2025
Command Injection in D-Link DIR-852 1.00 via gena.cgi Remote Exploit
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-13553 Nov 23, 2025
DWR-M920 1.1.50 /boafrm/formPinManageSetup Buffer Overflow via submit-url
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
Dwr M920
CVE-2025-13552 Nov 23, 2025
Remote Buffer Overflow in D-Link DIR-822K & DWR-M920 (formWlEncrypt)
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Dir 822k
Dwr M920
CVE-2025-13551 Nov 23, 2025
D-Link DIR-822K/DWR-M920 buffer overflow via submit-url
A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
Dir 822k
Dwr M920
CVE-2025-13550 Nov 23, 2025
D-Link DIR-822K/DWR-M920 Buffer Overflow via formVpnConfigSetup Remote
A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
Dir 822k
Dwr M920
CVE-2025-13549 Nov 23, 2025
D-Link DIR-822K 1.00 Remote Exploitable Buffer Overflow in formNtp
A vulnerability was found in D-Link DIR-822K 1.00. This issue affects the function sub_455524 of the file /boafrm/formNtp. Performing manipulation of the argument submit-url results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Dir 822k
CVE-2025-13548 Nov 23, 2025
D-Link DIR-822K/DWR-M920: Remote Buffer Overflow in formFirewallAdv
A vulnerability has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This vulnerability affects unknown code of the file /boafrm/formFirewallAdv. Such manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Dir 822k
Dwr M920
CVE-2025-13547 Nov 23, 2025
Remote Memory Corruption via submit-url in D-Link DIR-822K /boafrm/formDdns
A flaw has been found in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. This affects an unknown part of the file /boafrm/formDdns. This manipulation of the argument submit-url causes memory corruption. The attack may be initiated remotely. The exploit has been published and may be used.
Dir 822k
Dwr M920
CVE-2025-13306 Nov 17, 2025
D-Link routers 1.1.5: Cmd Injection in /boafrm/formDebugDiagnosticRun
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Dwr M920
Dwr M921
Dir 822k
And others...
CVE-2025-13305 Nov 17, 2025
D-Link DWR-M920/M921/M960, DIR-822K/825M 1.01.07 Buffer Overflow in /boafrm/diag
A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Dwr M920
Dwr M921
Dwr M960
And others...
CVE-2025-13304 Nov 17, 2025
D-Link Router Buffer Overflow in /boafrm/formPingDiagnosticRun
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
Dwr M920
Dwr M921
Dwr M960
And others...
CVE-2025-13191 Nov 15, 2025
D-Link DIR-816L /soap.cgi Stack Buffer Overflow Remote Exploit
A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
Dir 816l
CVE-2025-13190 Nov 15, 2025
D-Link DIR-816L Router: Remote Stack-Based Buffer Overflow
A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Dir 816l
CVE-2025-13189 Nov 15, 2025
D-Link DIR-816L Buffer Overflow via genacgi_main in gena.cgi
A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-13188 Nov 14, 2025
DIR-816L: Stack-based Buffer Overflow via Password Argument
A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Dir 816l
CVE-2022-50596 Nov 06, 2025
Unauthenticated CMD Injection in D-Link DIR-1260 Web Mgmt ( v1.20B05)
D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to execute arbitrary commands on the device with root privileges. The flaw specifically exists within the SetDest/Dest/Target arguments to the GetDeviceSettings form. The management interface is accessible over HTTP and HTTPS on the local and Wi-Fi networks and optionally from the Internet.
Dir 1260 Firmware
CVE-2025-12313 Oct 27, 2025
D-Link DI-7001 MINI 19.09.19A1: cmd injection via /msp_info.htm
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-12296 Oct 27, 2025
OS Command Injection in D-Link DAP-2695 2.00RC13 Firmware Update Handler
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Dap 2695
CVE-2025-12295 Oct 27, 2025
D-Link DAP-2695 Improper Sign Verify in Firmware Update Handler RC13
A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub_40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
Dap 2695
CVE-2025-34253 Oct 16, 2025
Stored XSS via Network Field in D-Link Nuclias Connect <=1.3.1.4
D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain a stored cross-site scripting (XSS) vulnerability due to improper sanitization of the 'Network' field when editing the configuration, creating a profile, and adding a network. An authenticated attacker can inject arbitrary JavaScript to be executed in the context of other users viewing the profile entry. NOTE: D-Link states that a fix is under development.
Nuclias Connect
CVE-2025-34255 Oct 16, 2025
D-Link Nuclias Connect v<=1.3.1.4 Email Enum via ForgotPwd JSON
D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Forgot Password' endpoint returns distinct JSON responses depending on whether the supplied email address is associated with an existing account. Because the responses differ in the `data.exist` boolean value, an unauthenticated remote attacker can enumerate valid email addresses/accounts on the server. NOTE: D-Link states that a fix is under development.
Nuclias Connect
CVE-2025-34254 Oct 16, 2025
D-Link Nuclias Connect <=1.3.1.4 Username Enumeration via JSON Login Response
D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy vulnerability. The application's 'Login' endpoint returns distinct JSON responses depending on whether the supplied username is associated with an existing account. Because the responses differ in the `error.message` string value, an unauthenticated remote attacker can enumerate valid usernames/accounts on the server. NOTE: D-Link states that a fix is under development.
Nuclias Connect
CVE-2025-11665 Oct 13, 2025
Remote OS Command Injection in D-Link DAP-2695 Firmware Updater (2.00RC131)
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdater_main of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-34248 Oct 09, 2025
D-Link Nuclias Connect <1.3.1.4 DIR Traversal via deleteBackupList
D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability within /api/web/dnc/global/database/deleteBackup due to improper sanitization of the deleteBackupList parameter. This can allow an authenticated attacker to delete arbitrary files impacting the integrity and availability of the system.
Nuclias Connect
CVE-2025-11488 Oct 08, 2025
D-Link DIR-852 Command Injection via /HNAP1/
A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-11408 Oct 07, 2025
D-Link DI-7001 MINI buffer overflow via dbsrv.asp str param
A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-11407 Oct 07, 2025
D-Link DI-7001 MINI OS CI via upgrade_filter.asp (pre 24.04.18B1)
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-11339 Oct 06, 2025
D-Link DI-7100G C1 jhttpd Buffer Overflow via popupId
A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-11338 Oct 06, 2025
D-Link DI-7100G C1 JHTTPD Buffer Overflow via OpenID (CVE-2025-11338)
A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
CVE-2025-11335 Oct 06, 2025
D-Link DI-7100G C1: jhttpd Command Injection via iface Arg
A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-11100 Sep 28, 2025
Command Injection in D-Link DIR-823X set_wifi_blacklists
A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uci_set of the file /goform/set_wifi_blacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).