Dlink: >> Dir-605l Security Vulnerabilities
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.
CVSS Score
8.8
EPSS Score
0.013
Published
2023-02-10
CVE-2021-40655
An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page
Known exploited
CVSS Score
7.5
EPSS Score
0.933
Published
2021-09-24
An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.
CVSS Score
9.8
EPSS Score
0.464
Published
2018-12-11
An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter.
CVSS Score
8.8
EPSS Score
0.25
Published
2018-12-11
On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
CVSS Score
7.5
EPSS Score
0.252
Published
2017-06-15
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
Known exploited
CVSS Score
9.8
EPSS Score
0.94
Published
2015-05-01
Page 5