Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

D-Link — Vulnerabilities & Security Advisories 764

Browse all 764 CVE security advisories affecting D-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

Top products by D-Link: DAP-2622 DNS-120 DAP-1325 DIR-605L DIR-823X DIR-X3260 DIR-619L DI-8100 G416 DWR-M960 DIR-619L B1 DIR-513 DIR-3040 DIR-2150 DIR-825 D-View DIR-1935 DAR-7000 DAP-1360 DIR-816 DI-7003GV2 DWR-M920 DIR-600L DIR-816 A2 DIR-2640 DNS-320 DIR-618 DSL6740C DAP-2020 DAP-2695
CVE IDTitleCVSSSeverityPublished
CVE-2025-4342 D-Link DIR-600L formEasySetupWizard3 buffer overflow — DIR-600LCWE-120 8.8 High2025-05-06
CVE-2025-4341 D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection — DIR-880LCWE-77 6.3 Medium2025-05-06
CVE-2025-4340 D-Link DIR-890L/DIR-806A1 soap.cgi sub_175C8 command injection — DIR-890LCWE-77 6.3 Medium2025-05-06
CVE-2025-3785 D-Link DWR-M961 Authorization Interface formStaticDHCP stack-based overflow — DWR-M961CWE-121 8.8 High2025-04-18
CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow — DI-8100CWE-121 8.8 High2025-04-13
CVE-2025-2717 D-Link DIR-823X HTTP POST Request diag_nslookup sub_41710C os command injection — DIR-823XCWE-78 4.7 Medium2025-03-24
CVE-2025-2621 D-Link DAP-1620 storage check_dws_cookie stack-based overflow — DAP-1620CWE-121 9.8 Critical2025-03-22
CVE-2025-2620 D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflow — DAP-1620CWE-121 9.8 Critical2025-03-22
CVE-2025-2619 D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflow — DAP-1620CWE-121 9.8 Critical2025-03-22
CVE-2025-2618 D-Link DAP-1620 Path api set_ws_action heap-based overflow — DAP-1620CWE-122 9.8 Critical2025-03-22
CVE-2025-2553 D-Link DIR-618/DIR-605L formVirtualServ access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2552 D-Link DIR-618/DIR-605L formTcpipSetup access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2551 D-Link DIR-618/DIR-605L formSetPortTr access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2550 D-Link DIR-618/DIR-605L DDNS Service formSetDDNS access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2549 D-Link DIR-618/DIR-605L formSetPassword access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2548 D-Link DIR-618/DIR-605L formSetDomainFilter access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2547 D-Link DIR-618/DIR-605L formAdvNetwork access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2546 D-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access control — DIR-618CWE-284 4.3 Medium2025-03-20
CVE-2025-2360 D-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorization — DIR-823GCWE-285 7.3 High2025-03-17
CVE-2025-2359 D-Link DIR-823G DDNS Service HNAP1 SetDDNSSettings improper authorization — DIR-823GCWE-285 7.3 High2025-03-17
CVE-2025-1877 D-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereference — DAP-1562CWE-476 6.5 Medium2025-03-03
CVE-2025-1876 D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow — DAP-1562CWE-121 7.3 High2025-03-03
CVE-2025-1800 D-Link DAR-7000 HTTP POST Request sxh_vpnlic.php get_ip_addr_details command injection — DAR-7000CWE-77 6.3 Medium2025-03-01
CVE-2025-1539 D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflow — DAP-1320CWE-121 8.8 High2025-02-21
CVE-2025-1538 D-Link DAP-1320 api set_ws_action heap-based overflow — DAP-1320CWE-122 8.8 High2025-02-21
CVE-2025-1392 D-Link DIR-816 index.html cross site scripting — DIR-816CWE-79 3.5 Low2025-02-17
CVE-2025-1104 D-Link DHP-W310AV authentication spoofing — DHP-W310AVCWE-290 7.3 High2025-02-07
CVE-2025-1103 D-Link DIR-823X HTTP POST Request set_wifi_blacklists null pointer dereference — DIR-823XCWE-476 6.5 Medium2025-02-07
CVE-2025-0492 D-Link DIR-823X FUN_00412244 null pointer dereference — DIR-823XCWE-476 7.5 High2025-01-15
CVE-2025-0481 D-Link DIR-878 HTTP POST Request dllog.cgi information disclosure — DIR-878CWE-200 5.3 Medium2025-01-15

This page lists every published CVE security advisory associated with D-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.