D-Link Dir 846 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D-Link Dir 846 Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in D-Link Dir 846 Firmware. Dir 846 Firmware did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 9.13 |
| 2022 | 3 | 9.87 |
It may take a day or so for new Dir 846 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D-Link Dir 846 Firmware Security Vulnerabilities
Authenticated Remote RCE via QoS POST on D-Link DIR-846 Router
CVE-2023-43284
8.8 - High
- October 05, 2023
D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.
D-Link DIR-846 v1.00A52 Remote Command Execution via tomography_ping_address
CVE-2023-33735
9.8 - Critical
- May 31, 2023
D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.
RCE via POST lan(0)_dhcps_staticlist on D-Link DIR-846
CVE-2022-46552
8.8 - High
- February 02, 2023
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
Shell injection
D-Link DIR-846 Cmd Injection via auto_upgrade_hour (CVE-2022-46642)
CVE-2022-46642
9.9 - Critical
- December 23, 2022
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.
Command Injection
Command Injection via lan(0)_dhcps_staticlist on D-Link DIR-846 Router
CVE-2022-46641
9.9 - Critical
- December 23, 2022
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.
Command Injection
D-Link DIR-846 HNAP Remote Code Execution via SetGuestWLanSettings.php
CVE-2020-21016
9.8 - Critical
- October 31, 2022
D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D-Link Dir 846 Firmware or by D-Link? Click the Watch button to subscribe.
