Dlink Dir-878
42 CVEs affecting Dlink Dir-878. Latest disclosed: 2025-11-13. Critical: 12, High: 24.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-27720 | Critical | 9.8 | 2023-04-09 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (… |
CVE-2023-24800 | Critical | 9.8 | 2023-04-07 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of… |
CVE-2023-24799 | Critical | 9.8 | 2023-04-07 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of… |
CVE-2023-24798 | Critical | 9.8 | 2023-04-07 | D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of… |
CVE-2022-44801 | Critical | 9.8 | 2022-11-22 | D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. |
CVE-2022-44202 | Critical | 9.8 | 2022-11-22 | D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. |
CVE-2022-43184 | Critical | 9.8 | 2022-10-19 | D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi. |
CVE-2021-44882 | Critical | 9.8 | 2022-02-04 | D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. This vulnerability allows attac… |
CVE-2021-44880 | Critical | 9.8 | 2022-02-04 | D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the… |
CVE-2021-30072 | Critical | 9.8 | 2021-04-02 | An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require… |
CVE-2019-9125 | Critical | 9.8 | 2019-02-25 | An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not requi… |
CVE-2019-9124 | Critical | 9.8 | 2019-02-25 | An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password. |
CVE-2022-41140 | High | 8.8 | 2023-01-26 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not requ… |
CVE-2022-26670 | High | 8.8 | 2022-04-07 | D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. An unauthenticated LAN attacker can perform command injection attack… |
CVE-2020-15633 | High | 8.8 | 2020-07-23 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with fi… |
CVE-2020-8864 | High | 8.8 | 2020-03-23 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with fi… |
CVE-2020-8863 | High | 8.8 | 2020-03-23 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with fi… |
CVE-2019-8319 | High | 8.8 | 2019-02-13 | An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code… |
CVE-2019-8318 | High | 8.8 | 2019-02-13 | An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code… |
CVE-2019-8317 | High | 8.8 | 2019-02-13 | An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code… |