Dlink CVEs & Vulnerabilities

148 CVEs affecting Dlink products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

dir-513 33dir-513 firmware 33di-8003 firmware 28di-8003 28dns-320 25dns-320 firmware 25dns-1100-4 firmware 22dns-726-4 firmware 22
CVE-2026-2856HIGHpoc

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

21 Feb 2026
8.8
CVSS
CVE-2026-2855HIGHpoc

A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub_4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

20 Feb 2026
8.8
CVSS
CVE-2026-2854HIGHpoc

A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub_4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.

20 Feb 2026
8.8
CVSS
CVE-2026-2853HIGHpoc

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub_462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

20 Feb 2026
8.8
CVSS
← PrevPage 4 / 4Next →