dlink

1,699 tracked vulnerabilities.

CVE-2025-69542 CRITICAL
D-Link DIR-895LA1 v102b07 - OS Command Injection via DHCP Hostname Parameter
Jan 09, 2026
CVSS 9.8
EPSS 0.03
CVE-2025-65731 MEDIUM
D-Link Router DIR-605L - Command Injection
Jan 08, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-15391 MEDIUM
D-Link DIR-806A 100CNb11 - OS Command Injection in SSDP Request Handler
Dec 31, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-15357 MEDIUM
D-Link DI-7400G+ 19.12.25A1 - OS Command Injection via cmd Parameter
Dec 30, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-15245 LOW
D-Link DCS-850L 1.02.09 - Path Traversal via Firmware Update DownloadFile Parameter
Dec 30, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-15194 CRITICAL
D-Link DIR-600 up to 2.15WWb02 - Stack-Based Buffer Overflow via Cookie Argument in hedwig.cgi
Dec 29, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-15193 HIGH
D-Link DWR-M920 < 1.1.50 - Buffer Overflow via formParentControl submit-url Argument
Dec 29, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-15192 MEDIUM
D-Link DWR-M920 < 1.1.50 - Remote Command Injection via formLtefotaUpgradeQuectel fota_url Parameter
Dec 29, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-15191 MEDIUM
D-Link DWR-M920 < 1.1.50 - OS Command Injection via formLtefotaUpgradeFibocom fota_url Parameter
Dec 29, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-15190 HIGH
D-Link DWR-M920 < 1.1.50 - Stack-Based Buffer Overflow via formFilter ip6addr Argument
Dec 29, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-15189 HIGH
D-Link DWR-M920 < 1.1.50 - Buffer Overflow via formDefRoute submit-url Parameter
Dec 29, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14884 HIGH
D-Link DIR-605 202WWB03 - OS Command Injection in Firmware Update Service
Dec 18, 2025
CVSS 7.2
EPSS 0.01
CVE-2025-14659 HIGH
D-Link DIR-860LB1/DIR-868LB1 - Command Injection
Dec 14, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-14528 MEDIUM NUCLEI
D-Link DIR-803 <1.04 - Info Disclosure
Dec 11, 2025
CVSS 5.3
EPSS 0.09
CVE-2025-14225 MEDIUM
D-Link DCS-930L 1.15.04 - Command Injection
Dec 08, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-14208 MEDIUM
D-Link DIR-823X - Command Injection
Dec 08, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-60854 CRITICAL
D-Link R15 (AX1500) <1.20.01 - Command Injection
Dec 02, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13562 HIGH
D-Link DIR-852 1.00 - Remote Command Injection via gena.cgi Service Argument
Nov 23, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-13553 HIGH
D-Link DWR-M920 1.1.50 - Buffer Overflow via submit-url Parameter in formPinManageSetup
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13552 HIGH
D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50 - Buffer Overflow via submit-url Parameter
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13551 HIGH
D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50 - Buffer Overflow via submit-url Parameter
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13550 HIGH
D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50 - Buffer Overflow via VPN Config Setup submit-url Parameter
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13549 HIGH
D-Link DIR-822K 1.00 - Buffer Overflow via NTP Submit-URL Parameter
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13548 HIGH
D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50 - Buffer Overflow via submit-url Argument
Nov 23, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13547 HIGH
D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50 - Memory Corruption via formDdns submit-url Argument
Nov 23, 2025
CVSS 8.8
EPSS 0.00
Products
dir-816_firmware 73 dir-605l_firmware 65 dir-619l_firmware 65 dir-823g_firmware 57 dap-2622_firmware 54 dns-320_firmware 52 dir-513_firmware 47 dns-320lw_firmware 45 dns-325_firmware 45 dns-340l_firmware 45 dns-343_firmware 43 dnr-202l_firmware 42 dnr-326_firmware 42 dns-1100-4_firmware 42 dns-1200-05_firmware 42 dns-120_firmware 42 dns-1550-04_firmware 42 dns-315l_firmware 42 dns-320l_firmware 42 dns-321_firmware 42 dns-323_firmware 42 dns-326_firmware 42 dns-327l_firmware 42 dns-345_firmware 42 dns-726-4_firmware 42 dir-823x_firmware 39 dir-878_firmware 39 dap-1325_firmware 37 dir-600l_firmware 36 di-8003_firmware 35
Quick Filters
Critical CVEs With Exploits In CISA KEV