Dlink Dir-645 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dlink Dir-645 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2015-2052 — CVSS 10.0 (critical): Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to…
CVE-2013-7471 — CVSS 9.8 (critical): An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11…
CVE-2022-32092 — CVSS 9.8 (critical): D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.
CVE-2022-46475 — CVSS 9.8 (critical): D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function.
CVE-2018-25115 — CVSS 9.8 (critical): Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03…
CVE-2023-36089 — CVSS 9.8 (critical): Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via…
CVE-2021-43722 — CVSS 9.8 (critical): D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction…
CVE-2025-7192 — CVSS 6.3 (medium): A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the…
CVE-2025-10689 — CVSS 6.3 (medium): A vulnerability was identified in D-Link DIR-645 105B01. This issue affects the function soapcgi_main of the file /soap.cgi. Such…
CVE-2020-25786 — CVSS 6.1 (medium): webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This…
CVE-2013-7389 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers…