Tag

D-Link

9 briefs RSS

D-Link DSL2600U 'rom-0' Admin Password Disclosure Vulnerability

A hardware exploit has been published on Exploit-DB for D-Link DSL2600U, detailing a 'rom-0' Admin Password Disclosure vulnerability that allows unauthorized access to the device's administration interface.

DSL2600U hardware password-disclosure d-link

2r 3w ago

critical advisory

D-Link DCS-935L HNAP Service Buffer Overflow (CVE-2026-8260)

1 rule 1 TTP 1 CVE

D-Link DCS-935L devices up to version 1.10.01 are vulnerable to a remote buffer overflow (CVE-2026-8260) in the HNAP service that can be triggered by manipulating the AdminPassword argument in the SetDeviceSettings function.

DCS-935L buffer-overflow cve d-link

1r 1t 1c May 11, 2026

high advisory

D-Link DI-8100 Stack-Based Buffer Overflow Vulnerability

2 rules 1 TTP 1 CVE

A stack-based buffer overflow vulnerability exists in D-Link DI-8100 with firmware version 16.07.26A1, affecting the sprintf function in the yyxz.asp file; manipulation of the ID argument can lead to remote exploitation.

DI-8100 firmware 16.07.26A1 buffer-overflow d-link router cve-2026-7851

2r 1t 1c May 5, 2026

critical advisory

D-Link DI-8100 Remote Buffer Overflow Vulnerability

2 rules 1 TTP 1 CVE

A buffer overflow vulnerability in the D-Link DI-8100 router allows remote attackers to execute arbitrary code by manipulating the 'fn' argument in the tgfile_htm function of the CGI endpoint.

DI-8100 cve-2026-7248 buffer-overflow d-link router

2r 1t 1c Apr 28, 2026

critical advisory

D-Link DIR-605L Router Buffer Overflow Vulnerability (CVE-2026-5980)

2 rules 4 TTPs 1 CVE

A buffer overflow vulnerability exists in the D-Link DIR-605L router version 2.13B01, allowing a remote attacker to execute arbitrary code by manipulating the `curTime` argument in the `formSetMACFilter` function.

cve buffer_overflow router d-link

2r 4t 1c Apr 9, 2026

critical advisory

D-Link DIR-882 Remote Command Injection Vulnerability (CVE-2026-5844)

2 rules 1 TTP 1 CVE 1 IOC

A command injection vulnerability (CVE-2026-5844) exists in the D-Link DIR-882 router version 1.01B02, allowing a remote attacker to execute arbitrary OS commands by manipulating the IPAddress argument in the HNAP1 SetNetworkSettings Handler via the prog.cgi script.

command-injection d-link router cve-2026-5844

2r 1t 1c 1i Apr 9, 2026

high advisory

D-LINK Router M60 and DIR-3040 'Airsnitch' Vulnerability

2 rules 5 TTPs

The 'Airsnitch' vulnerability in D-LINK Router M60 and DIR-3040 allows an attacker from an adjacent network to bypass security measures, disclose confidential information, and manipulate network traffic.

d-link router airsnitch vulnerability network-traffic-manipulation

2r 5t Apr 8, 2026

critical advisory

D-Link DI-8100 Remote Buffer Overflow Vulnerability (CVE-2026-7853)

2 rules 1 TTP 1 CVE

D-Link DI-8100 version 16.07.26A1 is vulnerable to a remote buffer overflow in the `sprintf` function within the `/auto_reboot.asp` file's HTTP handler component due to improper handling of the `enable/time` argument, potentially leading to arbitrary code execution.

DI-8100 buffer overflow remote code execution d-link cve-2026-7853

2r 1t 1c Jan 3, 2024

high advisory

D-Link DIR-825 Buffer Overflow Vulnerability in miniupnpd

2 rules 1 TTP 1 CVE

A buffer overflow vulnerability (CVE-2026-7069) exists in the AddPortMapping function of the miniupnpd component within D-Link DIR-825 routers (up to version 3.00b32), potentially enabling attackers on the local network to execute arbitrary code.

DIR-825 buffer-overflow cve miniupnpd d-link

2r 1t 1c Jan 2, 2024