Shodan
Vulnerabilities
Vulnerable Software
Dlink:  >> Dir-865l  Security Vulnerabilities
CVE-2020-25786
webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header
CVSS Score
6.1
EPSS Score
0.005
Published
2020-09-19
CVE-2020-13783
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-06-03
CVE-2020-13784
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-06-03
CVE-2020-13785
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-03
CVE-2020-13786
D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-06-03
CVE-2020-13787
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-06-03
CVE-2020-13782
D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection.
CVSS Score
8.8
EPSS Score
0.171
Published
2020-06-03
CVE-2019-20213
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-01-02
CVE-2019-17621
Known exploited
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
CVSS Score
9.8
EPSS Score
0.925
Published
2019-12-30
CVE-2013-4855
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-10-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved