Dlink Dir-850l Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dlink Dir-850l Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2016-6563 — CVSS 9.8 (critical): Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers…
CVE-2017-14417 — CVSS 9.8 (critical): register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not require authentication, which can result in…
CVE-2017-14421 — CVSS 9.8 (critical): D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the…
CVE-2017-14429 — CVSS 9.8 (critical): The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02)…
CVE-2018-20675 — CVSS 9.8 (critical): D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta…
CVE-2018-9032 — CVSS 9.8 (critical): An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1…
CVE-2023-49004 — CVSS 9.8 (critical): An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.
CVE-2017-3193 — CVSS 8.8 (high): Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability…
CVE-2018-20674 — CVSS 8.8 (high): D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta…
CVE-2017-14418 — CVSS 8.1 (high): The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices, sends the…
CVE-2017-14425 — CVSS 7.8 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666…
CVE-2017-14427 — CVSS 7.8 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666…
CVE-2017-14426 — CVSS 7.8 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644…
CVE-2017-14428 — CVSS 7.8 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666…
CVE-2017-14424 — CVSS 7.8 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666…
CVE-2019-7642 — CVSS 7.5 (high): D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain…
CVE-2017-14422 — CVSS 7.5 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices use the same…
CVE-2017-14423 — CVSS 7.5 (high): htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices does not prevent…
CVE-2017-14430 — CVSS 7.5 (high): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote…
CVE-2021-46378 — CVSS 7.5 (high): DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration…
CVE-2021-46379 — CVSS 6.1 (medium): DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site.
CVE-2017-14413 — CVSS 6.1 (medium): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/wpsacts.php.
CVE-2017-14414 — CVSS 6.1 (medium): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/shareport.php.
CVE-2017-14415 — CVSS 6.1 (medium): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/sitesurvey.php.
CVE-2017-14416 — CVSS 6.1 (medium): D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/wandetect.php.
CVE-2017-14420 — CVSS 5.9 (medium): The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware…
CVE-2017-14419 — CVSS 5.9 (medium): The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware…