Shodan
Vulnerabilities
Vulnerable Software
Dlink:  Security Vulnerabilities
CVE-2025-44835
D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell.
CVSS Score
6.3
EPSS Score
0.026
Published
2025-05-01
CVE-2025-29743
D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.
CVSS Score
6.5
EPSS Score
0.06
Published
2025-04-22
CVE-2025-3785
A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.49 is able to address this issue. It is recommended to upgrade the affected component.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-04-18
CVE-2025-29039
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8
CVSS Score
7.2
EPSS Score
0.004
Published
2025-04-17
CVE-2025-29042
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
CVSS Score
9.8
EPSS Score
0.011
Published
2025-04-17
CVE-2025-29043
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
CVSS Score
9.8
EPSS Score
0.011
Published
2025-04-17
CVE-2025-29040
An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c
CVSS Score
9.8
EPSS Score
0.011
Published
2025-04-17
CVE-2025-29041
An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c
CVSS Score
9.8
EPSS Score
0.011
Published
2025-04-17
CVE-2025-3538
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-04-13
CVE-2025-28398
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-04-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved