Dlink Dir-860l_firmware
10 CVEs affecting Dlink Dir-860l_firmware. Latest disclosed: 2025-08-15. Critical: 4, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-42812 | Critical | 9.8 | 2024-08-19 | In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successf… |
CVE-2024-41611 | Critical | 9.8 | 2024-07-30 | In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet servic… |
CVE-2018-20114 | Critical | 9.8 | 2019-01-02 | On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cg… |
CVE-2018-6530 | Critical | 9.8 | 2018-03-06 | OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L… |
CVE-2025-9026 | High | 7.3 | 2025-08-15 | A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Di… |
CVE-2024-37605 | Medium | 6.5 | 2024-12-17 | A NULL pointer dereference in D-Link DIR-860L REVB_FIRMWARE_2.04.B04_ic5b allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. |
CVE-2020-25786 | Medium | 6.1 | 2020-09-19 | webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects… |
CVE-2018-6529 | Medium | 6.1 | 2018-03-06 | XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08… |
CVE-2018-6528 | Medium | 6.1 | 2018-03-06 | XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.0… |
CVE-2018-6527 | Medium | 6.1 | 2018-03-06 | XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATC… |