Vulnerabilidades em D-Link

778 resultados

Análise Vexday

Com 777 CVEs catalogadas e 57 surgidas nos últimos 90 dias, o portfólio de vulnerabilidades da D-Link apresenta um ritmo de descoberta que exige monitoramento contínuo. A taxa de exploração ativa está em linha com a média geral do catálogo, mas o destaque crítico é CVE-2024-3273, que possui EPSS máximo de 1.0 — indicando probabilidade extremamente alta de exploração ativa —, e deve ser tratada como prioridade absoluta de mitigação. A presença de 80 CVEs com PoC pública, combinada com 56 falhas de severidade crítica, amplia significativamente a superfície de ataque disponível para agentes mal-intencionados. O tipo de falha mais frequente, CWE-121 (stack-based buffer overflow), é historicamente associado à execução remota de código, o que reforça a urgência de aplicar correções e segmentar dispositivos D-Link expostos à rede.

CVE-2023-44415MEDIUMD-Link Multiple Routers cli Command Injection Remote Code Execution VulnerabilityEPSS 1.0%CVE-2026-5311MEDIUMD-Link DNS-1550-04 file_center.cgi Webdav_Access_List access controlEPSS 1.0%CVE-2020-27863MEDIUMThis vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-EPSS 1.0%CVE-2026-1685MEDIUMD-Link DIR-823X Login sub_40AC74 excessive authenticationEPSS 1.0%CVE-2025-4345HIGHD-Link DIR-600L formSetLog buffer overflowEPSS 1.0%CVE-2025-4344HIGHD-Link DIR-600L formLogin buffer overflowEPSS 1.0%CVE-2025-4346HIGHD-Link DIR-600L formSetWAN_Wizard534 buffer overflowEPSS 1.0%CVE-2025-4342HIGHD-Link DIR-600L formEasySetupWizard3 buffer overflowEPSS 1.0%CVE-2025-4343HIGHD-Link DIR-600L formEasySetupWizard buffer overflowEPSS 1.0%CVE-2024-13108MEDIUMD-Link DIR-816 A2 form2NetSniper.cgi access controlEPSS 1.0%CVE-2022-40720HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routerEPSS 1.0%CVE-2026-0625CRITICALD-Link DSL/DIR/DNS Authentication Bypass via DNS Configuration EndpointEPSS 1.0%CVE-2022-43645HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers.EPSS 1.0%CVE-2022-43642HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers.EPSS 1.0%CVE-2022-43646HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers.EPSS 1.0%CVE-2022-43644HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers.EPSS 1.0%CVE-2022-43647HIGHThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers.EPSS 1.0%CVE-2025-1877HIGHD-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereferenceEPSS 1.0%CVE-2025-34254MEDIUMD-Link Nuclias Connect <= v1.3.1.4 Login Account EnumerationEPSS 1.0%CVE-2025-34255MEDIUMD-Link Nuclias Connect <= v1.3.1.4 Forgot Password Account EnumerationEPSS 1.0%

← anteriorpágina 25 / 39próxima →