Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

D-link — Vulnerabilities & Security Advisories 779

Browse all 779 CVE security advisories affecting D-link. AI-powered Chinese analysis, POCs, and references for each vulnerability.

D-Link manufactures networking hardware, primarily consumer-grade routers and wireless access points, serving as a critical infrastructure component for home and small business internet connectivity. The company’s product line has historically been plagued by significant security deficiencies, resulting in 760 recorded Common Vulnerabilities and Exposures. These flaws frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from hardcoded credentials or unpatched firmware updates. A notable incident occurred in 2017 when a critical vulnerability allowed attackers to gain administrative control over millions of devices, facilitating large-scale botnet recruitment. The persistent lack of timely security patches and weak default configurations have established a pattern of neglect, leaving users exposed to persistent threats. This track record highlights systemic issues in the development and maintenance lifecycle of D-Link’s network equipment, necessitating rigorous user-side security measures.

CVE IDTitleCVSSSeverityPublished
CVE-2024-8210 D-Link DNS-1550-04 hd_config.cgi sprintf command injection — DNS-120CWE-77 6.3 Medium2024-08-27
CVE-2024-8134 D-Link DNS-1550-04 HTTP POST Request hd_config.cgi cgi_FMT_Std2R5_1st_DiskMGR command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8133 D-Link DNS-1550-04 HTTP POST Request hd_config.cgi cgi_FMT_R5_SpareDsk_DiskMGR command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8132 D-Link DNS-1550-04 HTTP POST Request webdav_mgr.cgi webdav_mgr command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8131 D-Link DNS-1550-04 HTTP POST Request apkg_mgr.cgi module_enable_disable command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8130 D-Link DNS-1550-04 HTTP POST Request s3.cgi cgi_s3 command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8129 D-Link DNS-1550-04 HTTP POST Request s3.cgi cgi_s3_modify command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8128 D-Link DNS-1550-04 HTTP POST Request webfile_mgr.cgi cgi_add_zip command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-8127 D-Link DNS-1550-04 HTTP POST Request webfile_mgr.cgi cgi_unzip command injection — DNS-120CWE-77 6.3 Medium2024-08-24
CVE-2024-7922 D-Link DNS-1550-04 myMusic.cgi cgi_write_playlist command injection — DNS-120CWE-77 6.3 Medium2024-08-19
CVE-2024-7849 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_create_album buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7833 D-Link DI-8100 upgrade_filter.asp upgrade_filter_asp command injection — DI-8100CWE-77 6.3 Medium2024-08-15
CVE-2024-7832 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_fullscreen_photos buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7831 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_cooliris buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7830 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_move_photo buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7829 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_del_photo buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7828 D-Link DNS-1550-04 photocenter_mgr.cgi cgi_set_cover buffer overflow — DNS-120CWE-120 8.8 High2024-08-15
CVE-2024-7715 D-Link DNS-1550-04 photocenter_mgr.cgi sprintf command injection — DNS-120CWE-77 6.3 Medium2024-08-13
CVE-2024-7436 D-Link DI-8100 msp_info.htm msp_info_htm command injection — DI-8100CWE-77 6.3 Medium2024-08-03
CVE-2024-7357 D-Link DIR-600 soap.cgi soapcgi_main os command injection — DIR-600CWE-78 6.3 Medium2024-08-01
CVE-2024-38438 D-Link - CWE-294: Authentication Bypass by Capture-replay — DSL-225CWE-294 9.8 Critical2024-07-21
CVE-2024-38437 D-Link - CWE-288: Authentication Bypass Using an Alternate Path or Channel — DSL-225CWE-288 9.8 Critical2024-07-21
CVE-2024-6525 D-Link DAR-7000 decodmail.php deserialization — DAR-7000CWE-502 2.7 Low2024-07-05
CVE-2024-6045 D-Link router - Hidden Backdoor — G403CWE-912 8.8 High2024-06-17
CVE-2024-6044 D-Link router - Arbitrary File Reading — G403CWE-22 6.5 Medium2024-06-17
CVE-2024-5299 D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability — D-ViewCWE-749 8.8AIHighAI2024-05-23
CVE-2024-5298 D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability — D-ViewCWE-749 8.8AIHighAI2024-05-23
CVE-2024-5297 D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability — D-ViewCWE-78 8.8AIHighAI2024-05-23
CVE-2024-5296 D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability — D-ViewCWE-321 9.8AICriticalAI2024-05-23
CVE-2024-5295 D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability — G416CWE-78 8.8AIHighAI2024-05-23

This page lists every published CVE security advisory associated with D-link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.