Dlink: >> Dir-820l Firmware Security Vulnerabilities
The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-21
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions.
CVSS Score
8.0
EPSS Score
0.01
Published
2024-11-11
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function.
CVSS Score
9.8
EPSS Score
0.006
Published
2024-10-14
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
CVSS Score
9.8
EPSS Score
0.043
Published
2023-10-16
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
CVSS Score
9.8
EPSS Score
0.025
Published
2023-10-16
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.
CVSS Score
9.8
EPSS Score
0.033
Published
2023-10-06
CVE-2023-25280
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
Known exploited
CVSS Score
9.8
EPSS Score
0.918
Published
2023-03-16
A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-03-16
A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-03-15
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload.
CVSS Score
9.8
EPSS Score
0.697
Published
2023-03-13
Page 1