Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

D-Link — Vulnerabilities & Security Advisories 764

Browse all 764 CVE security advisories affecting D-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

Top products by D-Link: DAP-2622 DNS-120 DAP-1325 DIR-605L DIR-823X DIR-X3260 DIR-619L DI-8100 G416 DWR-M960 DIR-619L B1 DIR-513 DIR-3040 DIR-2150 DIR-825 D-View DIR-1935 DAR-7000 DAP-1360 DIR-816 DI-7003GV2 DWR-M920 DIR-600L DIR-816 A2 DIR-2640 DNS-320 DIR-618 DSL6740C DAP-2020 DAP-2695
CVE IDTitleCVSSSeverityPublished
CVE-2023-53896 D-Link DAP-1325 Hardware A1 Unauthenticated Configuration Download — DAP-1325CWE-306 7.5 High2025-12-16
CVE-2025-14659 D-Link DIR-860LB1/DIR-868LB1 DHCP command injection — DIR-860LB1CWE-77 8.8 High2025-12-14
CVE-2025-14528 D-Link DIR-803 Configuration getcfg.php information disclosure — DIR-803CWE-200 5.3 Medium2025-12-11
CVE-2025-13607 D-Link CCTV camera model DCS-F5614-L1 Missing Authentication for Critical Function — DCS-F5614-L1CWE-306 9.4 Critical2025-12-10
CVE-2025-14225 D-Link DCS-930L alphapd setSystemAdmin command injection — DCS-930LCWE-77 6.3 Medium2025-12-08
CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection — DIR-823XCWE-77 6.3 Medium2025-12-08
CVE-2025-13562 D-Link DIR-852 gena.cgi command injection — DIR-852CWE-77 7.3 High2025-11-23
CVE-2025-13553 D-Link DWR-M920 formPinManageSetup sub_41C7FC buffer overflow — DWR-M920CWE-120 8.8 High2025-11-23
CVE-2025-13552 D-Link DIR-822K/DWR-M920 formWlEncrypt buffer overflow — DIR-822KCWE-120 8.8 High2025-11-23
CVE-2025-13551 D-Link DIR-822K/DWR-M920 formWanConfigSetup buffer overflow — DIR-822KCWE-120 8.8 High2025-11-23
CVE-2025-13550 D-Link DIR-822K/DWR-M920 formVpnConfigSetup buffer overflow — DIR-822KCWE-120 8.8 High2025-11-23
CVE-2025-13549 D-Link DIR-822K formNtp sub_455524 buffer overflow — DIR-822KCWE-120 8.8 High2025-11-23
CVE-2025-13548 D-Link DIR-822K/DWR-M920 formFirewallAdv buffer overflow — DIR-822KCWE-120 8.8 High2025-11-23
CVE-2025-13547 D-Link DIR-822K/DWR-M920 formDdns memory corruption — DIR-822KCWE-119 8.8 High2025-11-23
CVE-2025-13306 D-Link DWR-M920/DWR-M921/DIR-822K/DIR-825M formDebugDiagnosticRun system command injection — DWR-M920CWE-77 6.3 Medium2025-11-17
CVE-2025-13305 D-Link DWR-M920/DWR-M921/DWR-M960/DIR-822K/DIR-825M formTracerouteDiagnosticRun buffer overflow — DWR-M920CWE-120 8.8 High2025-11-17
CVE-2025-13304 D-Link DWR-M920/DWR-M921/DWR-M960/DWR-M961/DIR-825M formPingDiagnosticRun buffer overflow — DWR-M920CWE-120 8.8 High2025-11-17
CVE-2025-13191 D-Link DIR-816L soap.cgi soapcgi_main stack-based overflow — DIR-816LCWE-121 8.8 High2025-11-15
CVE-2025-13190 D-Link DIR-816L __ajax_exporer.sgi scandir_main stack-based overflow — DIR-816LCWE-121 8.8 High2025-11-15
CVE-2025-13189 D-Link DIR-816L gena.cgi genacgi_main stack-based overflow — DIR-816LCWE-121 8.8 High2025-11-15
CVE-2025-13188 D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow — DIR-816LCWE-121 9.8 Critical2025-11-14
CVE-2022-50596 D-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthenticated Command Injection — DIR-1260CWE-78 9.8 -2025-11-06
CVE-2018-25120 D-Link DNS-343 ShareCenter <= 1.05 Command Injection via /goform/Mail_Test — DNS-343 ShareCenterCWE-78 9.8AICriticalAI2025-10-29
CVE-2025-12313 D-Link DI-7001 MINI msp_info.htm command injection — DI-7001 MINICWE-77 6.3 Medium2025-10-27
CVE-2025-12296 D-Link DAP-2695 Firmware Update sub_4174B0 os command injection — DAP-2695CWE-78 4.7 Medium2025-10-27
CVE-2025-12295 D-Link DAP-2695 Firmware Update sub_40C6B8 signature verification — DAP-2695CWE-347 6.6 Medium2025-10-27
CVE-2025-60344 D-Link DSR-150 安全漏洞 — DSR-150CWE-24 8.6 High2025-10-21
CVE-2025-34253 D-Link Nuclias Connect <= v1.3.1.4 Stored Cross-Site Scripting (XSS) — Nuclias ConnectCWE-79 5.4AIMediumAI2025-10-16
CVE-2025-34255 D-Link Nuclias Connect <= v1.3.1.4 Forgot Password Account Enumeration — Nuclias ConnectCWE-204 5.3AIMediumAI2025-10-16
CVE-2025-34254 D-Link Nuclias Connect <= v1.3.1.4 Login Account Enumeration — Nuclias ConnectCWE-204 5.3AIMediumAI2025-10-16

This page lists every published CVE security advisory associated with D-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.