Vulnerabilidades em D-Link

777 resultados
Análise Vexday

Com 777 CVEs catalogadas e 57 surgidas nos últimos 90 dias, o portfólio de vulnerabilidades da D-Link apresenta um ritmo de descoberta que exige monitoramento contínuo. A taxa de exploração ativa está em linha com a média geral do catálogo, mas o destaque crítico é CVE-2024-3273, que possui EPSS máximo de 1.0 — indicando probabilidade extremamente alta de exploração ativa —, e deve ser tratada como prioridade absoluta de mitigação. A presença de 80 CVEs com PoC pública, combinada com 56 falhas de severidade crítica, amplia significativamente a superfície de ataque disponível para agentes mal-intencionados. O tipo de falha mais frequente, CWE-121 (stack-based buffer overflow), é historicamente associado à execução remota de código, o que reforça a urgência de aplicar correções e segmentar dispositivos D-Link expostos à rede.

CVE-2024-11066HIGHD-Link DSL6740C - OS Command InjectionEPSS 1.8%CVE-2023-32151MEDIUMD-Link DIR-2640 DestNetwork Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-32147MEDIUMD-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2024-9915HIGHD-Link DIR-619L B1 formVirtualServ buffer overflowEPSS 1.8%CVE-2023-34275MEDIUMD-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-34276MEDIUMD-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-34278MEDIUMD-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-34281MEDIUMD-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-34280MEDIUMD-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-34277MEDIUMD-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution VulnerabilityEPSS 1.8%CVE-2024-9566HIGHD-Link DIR-619L B1 formDeviceReboot buffer overflowEPSS 1.8%CVE-2024-11959HIGHD-Link DIR-605L formResetStatistic buffer overflowEPSS 1.7%CVE-2024-11960HIGHD-Link DIR-605L formSetPortTr buffer overflowEPSS 1.7%CVE-2023-51625HIGHD-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution VulnerabilityEPSS 1.7%CVE-2023-5153MEDIUMD-Link DAR-8000 querysql.php sql injectionEPSS 1.7%CVE-2023-7163CRITICALD-Link D-View 8 Unauthenticated Probe-Core Server CommunicationEPSS 1.7%CVE-2025-11488MEDIUMD-Link DIR-852 HNAP1 command injectionEPSS 1.7%CVE-2024-9914HIGHD-Link DIR-619L B1 formSetWizardSelectMode buffer overflowEPSS 1.6%CVE-2024-9913HIGHD-Link DIR-619L B1 formSetRoute buffer overflowEPSS 1.6%CVE-2023-32168HIGHD-Link D-View showUser Improper Authorization Privilege Escalation VulnerabilityEPSS 1.6%