Dlink Dir-655
6 CVEs affecting Dlink Dir-655. Latest disclosed: 2025-06-17. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-16920 | Critical | 9.8 | 2019-09-27 | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an… |
CVE-2019-13561 | Critical | 9.8 | 2019-07-11 | D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi c… |
CVE-2019-13560 | Critical | 9.8 | 2019-07-11 | D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. |
CVE-2025-6158 | High | 8.8 | 2025-06-17 | A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. Th… |
CVE-2019-13563 | High | 8.8 | 2019-07-11 | D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console. |
CVE-2019-13562 | Medium | 6.1 | 2019-07-11 | D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping… |