Dlink Dir-600m Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dlink Dir-600m Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-13101 — CVSS 9.8 (critical): An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication…
CVE-2019-7736 — CVSS 9.8 (critical): D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page. NOTE: this may overlap CVE-2019-13101.
CVE-2017-9100 — CVSS 8.8 (high): login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank…
CVE-2020-13960 — CVSS 7.5 (high): D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default…
CVE-2024-1786 — CVSS 7.5 (high): ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by…
CVE-2018-16605 — CVSS 5.4 (medium): D-Link DIR-600M devices allow XSS via the Hostname and Username fields in the Dynamic DNS Configuration page.