Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

D-Link — Vulnerabilities & Security Advisories 764

Browse all 764 CVE security advisories affecting D-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

Top products by D-Link: DAP-2622 DNS-120 DAP-1325 DIR-605L DIR-823X DIR-X3260 DIR-619L DI-8100 G416 DWR-M960 DIR-619L B1 DIR-513 DIR-3040 DIR-2150 DIR-825 D-View DIR-1935 DAR-7000 DAP-1360 DIR-816 DI-7003GV2 DWR-M920 DIR-600L DIR-816 A2 DIR-2640 DNS-320 DIR-618 DSL6740C DAP-2020 DAP-2695
CVE IDTitleCVSSSeverityPublished
CVE-2023-32142 D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-121 8.8 -2024-05-03
CVE-2023-32141 D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-121 8.8 -2024-05-03
CVE-2023-32140 D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-122 8.8 -2024-05-03
CVE-2023-32139 D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-121 8.8 -2024-05-03
CVE-2023-32138 D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-122 8.8 -2024-05-03
CVE-2023-32137 D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability — DAP-1360CWE-22 6.5 -2024-05-03
CVE-2023-32136 D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability — DAP-1360CWE-121 8.8 -2024-05-03
CVE-2023-41222 D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability — DIR-3040CWE-121 8.0 -2024-05-03
CVE-2023-51631 D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability — DIR-X3260CWE-121 8.0 -2024-05-01
CVE-2024-3274 D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosure — DNS-320LCWE-200 5.3 Medium2024-04-04
CVE-2024-3273 D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection — DNS-320LCWE-77 7.3 High2024-04-04
CVE-2024-3272 D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials — DNS-320LCWE-798 9.8 Critical2024-04-04
CVE-2024-1786 D-Link DIR-600M C1 Telnet Service buffer overflow — DIR-600M C1CWE-120 7.5 High2024-02-23
CVE-2024-0921 D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection — DIR-816 A2CWE-78 4.7 Medium2024-01-26
CVE-2024-23625 D-Link DAP-1650 SUBSCRIBE Callback Command Injection Vulnerability — DAP-1650CWE-77 9.6 Critical2024-01-25
CVE-2024-23624 D-Link DAP-1650 gena.cgi SUBSCRIBE Command Injection Vulnerability — DAP-1650CWE-77 9.6 Critical2024-01-25
CVE-2024-0769 D-Link DIR-859 HTTP POST Request hedwig.cgi path traversal — DIR-859CWE-22 5.3 Medium2024-01-21
CVE-2024-0717 D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure — DAP-1360CWE-200 5.3 Medium2024-01-19
CVE-2023-7163 D-Link D-View 8 Unauthenticated Probe-Core Server Communication — D-View 8CWE-20 10.0 Critical2023-12-28
CVE-2023-6581 D-Link DAR-7000 workidajax.php sql injection — DAR-7000CWE-89 5.5 Medium2023-12-07
CVE-2023-6580 D-Link DIR-846 QoS POST deserialization — DIR-846CWE-502 8.8 High2023-12-07
CVE-2023-5322 D-Link DAR-7000 edit_manageadmin.php sql injection — DAR-7000CWE-89 4.7 Medium2023-10-01
CVE-2023-5154 D-Link DAR-8000 changelogo.php unrestricted upload — DAR-8000CWE-434 6.3 Medium2023-09-25
CVE-2023-5153 D-Link DAR-8000 querysql.php sql injection — DAR-8000CWE-89 6.3 Medium2023-09-25
CVE-2023-5152 D-Link DAR-7000/DAR-8000 importexport.php sql injection — DAR-7000CWE-89 6.3 Medium2023-09-25
CVE-2023-5151 D-Link DAR-8000 autheditpwd.php sql injection — DAR-8000CWE-89 6.3 Medium2023-09-25
CVE-2023-5150 D-Link DAR-7000/DAR-8000 web.php unrestricted upload — DAR-7000CWE-434 6.3 Medium2023-09-25
CVE-2023-5149 D-Link DAR-7000 userattestation.php unrestricted upload — DAR-7000CWE-434 6.3 Medium2023-09-25
CVE-2023-5148 D-Link DAR-7000/DAR-8000 uploadfile.php unrestricted upload — DAR-7000CWE-434 6.3 Medium2023-09-25
CVE-2023-5147 D-Link DAR-7000 updateos.php unrestricted upload — DAR-7000CWE-434 6.3 Medium2023-09-25

This page lists every published CVE security advisory associated with D-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.