Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

D-Link — Vulnerabilities & Security Advisories 764

Browse all 764 CVE security advisories affecting D-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

Top products by D-Link: DAP-2622 DNS-120 DAP-1325 DIR-605L DIR-823X DIR-X3260 DIR-619L DI-8100 G416 DWR-M960 DIR-619L B1 DIR-513 DIR-3040 DIR-2150 DIR-825 D-View DIR-1935 DAR-7000 DAP-1360 DIR-816 DI-7003GV2 DWR-M920 DIR-600L DIR-816 A2 DIR-2640 DNS-320 DIR-618 DSL6740C DAP-2020 DAP-2695
CVE IDTitleCVSSSeverityPublished
CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection — DAP-2695CWE-78 4.7 Medium2025-10-13
CVE-2025-34248 D-Link Nuclias Connect < v1.3.1.4 Directory Traversal to Arbitrary File Deletion — Nuclias ConnectCWE-22 8.1AIHighAI2025-10-09
CVE-2025-11488 D-Link DIR-852 HNAP1 command injection — DIR-852CWE-77 7.3 High2025-10-08
CVE-2025-11408 D-Link DI-7001 MINI dbsrv.asp buffer overflow — DI-7001 MINICWE-120 8.8 High2025-10-07
CVE-2025-11407 D-Link DI-7001 MINI upgrade_filter.asp os command injection — DI-7001 MINICWE-78 6.3 Medium2025-10-07
CVE-2025-11339 D-Link DI-7100G C1 jhttpd hi_block.asp sub_4BD4F8 buffer overflow — DI-7100G C1CWE-120 8.8 High2025-10-06
CVE-2025-11338 D-Link DI-7100G C1 jhttpd login.cgi sub_4C0990 buffer overflow — DI-7100G C1CWE-120 8.8 High2025-10-06
CVE-2025-11335 D-Link DI-7100G C1 jhttpd msp_info.htm sub_46409C command injection — DI-7100G C1CWE-77 4.7 Medium2025-10-06
CVE-2025-11100 D-Link DIR-823X set_wifi_blacklists uci_set command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11099 D-Link DIR-823X delete_prohibiting uci_del command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11098 D-Link DIR-823X set_wifi_blacklists command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11097 D-Link DIR-823X set_device_name command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11096 D-Link DIR-823X diag_traceroute command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11095 D-Link DIR-823X delete_offline_device command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-11092 D-Link DIR-823X set_switch_settings sub_412E7C command injection — DIR-823XCWE-77 6.3 Medium2025-09-28
CVE-2025-10814 D-Link DIR-823X goahead command injection — DIR-823XCWE-77 6.3 Medium2025-09-22
CVE-2025-10792 D-Link DIR-513 formWPS buffer overflow — DIR-513CWE-120 8.8 High2025-09-22
CVE-2025-10779 D-Link DCS-935L HNAP1 sub_402280 stack-based overflow — DCS-935LCWE-121 8.8 High2025-09-22
CVE-2025-10689 D-Link DIR-645 soap.cgi soapcgi_main command injection — DIR-645CWE-77 6.3 Medium2025-09-18
CVE-2025-10666 D-Link DIR-825 apply.cgi sub_4106d4 buffer overflow — DIR-825CWE-120 8.8 High2025-09-18
CVE-2025-10634 D-Link DIR-823X Environment Variable goahead sub_412E7C command injection — DIR-823XCWE-77 6.3 Medium2025-09-18
CVE-2025-10629 D-Link DIR-852 Simple Service Discovery Protocol Service cgibin ssdpcgi_main command injection — DIR-852CWE-77 6.3 Medium2025-09-18
CVE-2025-10628 D-Link DIR-852 Web Management hedwig.cgi command injection — DIR-852CWE-77 6.3 Medium2025-09-18
CVE-2025-10441 D-Link DI-8100G/DI-8200G/DI-8003G jhttpd version_upgrade.asp sub_433F7C os command injection — DI-8100GCWE-78 6.3 Medium2025-09-15
CVE-2025-10440 D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection — DI-8100CWE-78 6.3 Medium2025-09-15
CVE-2025-10401 D-Link DIR-823x diag_ping command injection — DIR-823xCWE-77 6.3 Medium2025-09-14
CVE-2025-10123 D-Link DIR-823X set_static_leases sub_415028 command injection — DIR-823XCWE-77 7.3 High2025-09-09
CVE-2025-10093 D-Link DIR-852 Device Configuration getcfg.php phpcgi_main information disclosure — DIR-852CWE-200 5.3 Medium2025-09-08
CVE-2025-10034 D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow — DIR-825CWE-120 8.8 High2025-09-06
CVE-2025-9938 D-Link DI-8400 yyxz.asp yyxz_dlink_asp stack-based overflow — DI-8400CWE-121 8.8 High2025-09-03

This page lists every published CVE security advisory associated with D-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.