Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

D-Link — Vulnerabilities & Security Advisories 764

Browse all 764 CVE security advisories affecting D-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

Top products by D-Link: DAP-2622 DNS-120 DAP-1325 DIR-605L DIR-823X DIR-X3260 DIR-619L DI-8100 G416 DWR-M960 DIR-619L B1 DIR-513 DIR-3040 DIR-2150 DIR-825 D-View DIR-1935 DAR-7000 DAP-1360 DIR-816 DI-7003GV2 DWR-M920 DIR-600L DIR-816 A2 DIR-2640 DNS-320 DIR-618 DSL6740C DAP-2020 DAP-2695
CVE IDTitleCVSSSeverityPublished
CVE-2025-9769 D-Link DI-7400G+ mng_platform.asp sub_478D28 command injection — DI-7400G+CWE-77 4.1 Medium2025-09-01
CVE-2025-9752 D-Link DIR-852 SOAP Service soap.cgi soapcgi_main os command injection — DIR-852CWE-78 7.3 High2025-09-01
CVE-2025-9745 D-Link DI-500WF jhttpd version_upgrade.asp os command injection — DI-500WFCWE-78 4.7 Medium2025-08-31
CVE-2025-9727 D-Link DIR-816L soap.cgi soapcgi_main os command injection — DIR-816LCWE-78 6.3 Medium2025-08-31
CVE-2018-25115 D-Link DIR-110/412/600/615/645/815 RCE via service.cgi — DIR-110CWE-78 9.8AICriticalAI2025-08-27
CVE-2025-9026 D-Link DIR-860L Simple Service Discovery Protocol cgibin ssdpcgi_main os command injection — DIR-860LCWE-78 7.3 High2025-08-15
CVE-2025-9003 D-Link DIR-818LW DHCP Reserved Address bsc_lan.php cross site scripting — DIR-818LWCWE-79 3.5 Low2025-08-15
CVE-2025-8978 D-Link DIR-619L boa FirmwareUpgrade data authenticity — DIR-619LCWE-345 6.6 Medium2025-08-14
CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection — DIR‑818LCWE-77 6.3 Medium2025-08-14
CVE-2025-8949 D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow — DIR-825CWE-121 7.2 High2025-08-14
CVE-2013-10069 D-Link Devices Unauthenticated RCE — DIR-600 rev BCWE-78 9.8AICriticalAI2025-08-05
CVE-2013-10048 D-Link Devices command.php Unauthenticated RCE — DIR-600CWE-78 9.8 -2025-08-01
CVE-2013-10050 D-Link Devices tools_vct.xgi Unauthenticated RCE — DIR-300 rev ACWE-78 8.8 -2025-08-01
CVE-2013-10059 D-Link Routers tools_vct.htm OS Command Injection — DIR-615H1CWE-78 8.8 -2025-08-01
CVE-2012-10021 D-Link DIR-605L Captcha Handling Buffer Overflow — DIR-605LCWE-121 9.8AICriticalAI2025-07-31
CVE-2025-8231 D-Link DIR-890L UART Port rgbin hard-coded credentials — DIR-890LCWE-798 6.8 Medium2025-07-27
CVE-2025-8184 D-Link DIR-513 HTTP POST Request formSetWanL2TPtriggers formSetWanL2TPcallback stack-based overflow — DIR-513CWE-121 8.8 High2025-07-26
CVE-2025-8175 D-Link DI-8400 jhttpd usb_paswd.asp null pointer dereference — DI-8400CWE-476 6.5 Medium2025-07-26
CVE-2025-8169 D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow — DIR-513CWE-120 8.8 High2025-07-25
CVE-2025-8168 D-Link DIR-513 formSetWanPPPoE websAspInit buffer overflow — DIR-513CWE-120 8.8 High2025-07-25
CVE-2014-125117 D-Link info.cgi POST Request Stack-Based Buffer Overflow RCE — DSP-W215CWE-121 9.8 -2025-07-25
CVE-2025-8159 D-Link DIR-513 HTTP POST Request formLanguageChange stack-based overflow — DIR-513CWE-121 8.8 High2025-07-25
CVE-2025-8155 D-Link DCS-6010L Management Application vb.htm cross site scripting — DCS-6010LCWE-79 3.5 Low2025-07-25
CVE-2025-7945 D-Link DIR-513 formSetWanDhcpplus buffer overflow — DIR-513CWE-120 8.8 High2025-07-21
CVE-2025-7932 D-Link DIR‑817L ssdpcgi lxmldbc_system command injection — DIR‑817LCWE-77 6.3 Medium2025-07-21
CVE-2025-7911 D-Link DI-8100 jhttpd upnp_ctrl.asp sprintf stack-based overflow — DI-8100CWE-121 8.8 High2025-07-20
CVE-2025-7910 D-Link DIR-513 Boa Webserver formSetWanNonLogin sprintf stack-based overflow — DIR-513CWE-121 8.8 High2025-07-20
CVE-2025-7909 D-Link DIR-513 Boa Webserver formLanSetupRouterSettings sprintf stack-based overflow — DIR-513CWE-121 8.8 High2025-07-20
CVE-2025-7908 D-Link DI-8100 jhttpd ddns.asp sprintf stack-based overflow — DI-8100CWE-121 8.8 High2025-07-20
CVE-2025-7836 D-Link DIR-816L Environment Variable cgibin lxmldbc_system command injection — DIR-816LCWE-77 6.3 Medium2025-07-19

This page lists every published CVE security advisory associated with D-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.