Vulnerabilidades em D-Link

777 resultados
Análise Vexday

Com 777 CVEs catalogadas e 57 surgidas nos últimos 90 dias, o portfólio de vulnerabilidades da D-Link apresenta um ritmo de descoberta que exige monitoramento contínuo. A taxa de exploração ativa está em linha com a média geral do catálogo, mas o destaque crítico é CVE-2024-3273, que possui EPSS máximo de 1.0 — indicando probabilidade extremamente alta de exploração ativa —, e deve ser tratada como prioridade absoluta de mitigação. A presença de 80 CVEs com PoC pública, combinada com 56 falhas de severidade crítica, amplia significativamente a superfície de ataque disponível para agentes mal-intencionados. O tipo de falha mais frequente, CWE-121 (stack-based buffer overflow), é historicamente associado à execução remota de código, o que reforça a urgência de aplicar correções e segmentar dispositivos D-Link expostos à rede.

CVE-2025-1539HIGHD-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflowEPSS 1.5%CVE-2024-10916MEDIUMD-Link DNS-320/DNS-320LW/DNS-325/DNS-340L HTTP GET Request info.xml information disclosureEPSS 1.5%CVE-2024-9549HIGHD-Link DIR-605L formEasySetupWizard formEasySetupWizard2 buffer overflowEPSS 1.5%CVE-2024-9550HIGHD-Link DIR-605L formLogDnsquery buffer overflowEPSS 1.5%CVE-2024-9533HIGHD-Link DIR-605L formDeviceReboot buffer overflowEPSS 1.5%CVE-2023-32222CRITICALD-Link DSL-G256DG firmware version vBZ_1.00.27 Authentication BypassEPSS 1.5%CVE-2023-44410HIGHD-Link D-View showUsers Improper Authorization Privilege Escalation VulnerabilityEPSS 1.5%CVE-2024-9532HIGHD-Link DIR-605L formAdvanceSetup buffer overflowEPSS 1.5%CVE-2021-34863HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routerEPSS 1.4%CVE-2023-34279MEDIUMD-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution VulnerabilityEPSS 1.4%CVE-2024-9559HIGHD-Link DIR-605L formWlanSetup buffer overflowEPSS 1.4%CVE-2024-9557HIGHD-Link DIR-605L formSetWanPPPoE buffer overflowEPSS 1.4%CVE-2024-9514HIGHD-Link DIR-605L formSetDomainFilter buffer overflowEPSS 1.4%CVE-2021-34860MEDIUMThis vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc00EPSS 1.4%CVE-2025-9938HIGHD-Link DI-8400 yyxz.asp yyxz_dlink_asp stack-based overflowEPSS 1.4%CVE-2025-0481MEDIUMD-Link DIR-878 HTTP POST Request dllog.cgi information disclosureEPSS 1.4%CVE-2026-7069HIGHD-Link DIR-825 miniupnpd upnpsoap.c AddPortMapping buffer overflowEPSS 1.4%CVE-2020-27862HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A roEPSS 1.4%CVE-2024-9552HIGHD-Link DIR-605L formSetWanNonLogin buffer overflowEPSS 1.4%CVE-2024-9558HIGHD-Link DIR-605L formSetWanPPTP buffer overflowEPSS 1.4%