Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
9 vulnerabilities by D-Link Corporation
CVE-2026-4377 (GCVE-0-2026-4377)
Vulnerability from nvd – Published: 2026-05-28 09:02 – Updated: 2026-05-28 12:02
VLAI
Title
Use of Weak Credentials in D-Link DWR-X1820 router
Summary
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.
This issue was fixed in version 1.00B16CP.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1391 - Use of Weak Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert.pl/posts/2026/05/CVE-2026-4377 | third-party-advisory |
| https://www.dlink.com/pl/pl/products/dwr-1820-cp#… | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| D-Link Corporation | DWR-X1820 |
Affected:
1.00B14CP , < 1.00B16CP
(custom)
|
Date Public
2026-05-28 08:58
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T12:01:49.404700Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T12:02:42.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DWR-X1820",
"vendor": "D-Link Corporation",
"versions": [
{
"lessThan": "1.00B16CP",
"status": "affected",
"version": "1.00B14CP",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bart\u0142omiej W\u0142odarski"
}
],
"datePublic": "2026-05-28T08:58:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dlink\u0026nbsp;DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\u003cbr\u003e\u003cbr\u003eThis issue was fixed in version\u0026nbsp;1.00B16CP."
}
],
"value": "Dlink\u00a0DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\n\nThis issue was fixed in version\u00a01.00B16CP."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1391",
"description": "CWE-1391 Use of Weak Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T09:02:44.579Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2026/05/CVE-2026-4377"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/pl/pl/products/dwr-1820-cp#support"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use of Weak Credentials in D-Link DWR-X1820 router",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-4377",
"datePublished": "2026-05-28T09:02:44.579Z",
"dateReserved": "2026-03-18T12:46:23.457Z",
"dateUpdated": "2026-05-28T12:02:42.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4377 (GCVE-0-2026-4377)
Vulnerability from cvelistv5 – Published: 2026-05-28 09:02 – Updated: 2026-05-28 12:02
VLAI
Title
Use of Weak Credentials in D-Link DWR-X1820 router
Summary
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.
This issue was fixed in version 1.00B16CP.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1391 - Use of Weak Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert.pl/posts/2026/05/CVE-2026-4377 | third-party-advisory |
| https://www.dlink.com/pl/pl/products/dwr-1820-cp#… | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| D-Link Corporation | DWR-X1820 |
Affected:
1.00B14CP , < 1.00B16CP
(custom)
|
Date Public
2026-05-28 08:58
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T12:01:49.404700Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T12:02:42.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DWR-X1820",
"vendor": "D-Link Corporation",
"versions": [
{
"lessThan": "1.00B16CP",
"status": "affected",
"version": "1.00B14CP",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bart\u0142omiej W\u0142odarski"
}
],
"datePublic": "2026-05-28T08:58:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dlink\u0026nbsp;DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\u003cbr\u003e\u003cbr\u003eThis issue was fixed in version\u0026nbsp;1.00B16CP."
}
],
"value": "Dlink\u00a0DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number.\n\nThis issue was fixed in version\u00a01.00B16CP."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1391",
"description": "CWE-1391 Use of Weak Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T09:02:44.579Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2026/05/CVE-2026-4377"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/pl/pl/products/dwr-1820-cp#support"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use of Weak Credentials in D-Link DWR-X1820 router",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-4377",
"datePublished": "2026-05-28T09:02:44.579Z",
"dateReserved": "2026-03-18T12:46:23.457Z",
"dateUpdated": "2026-05-28T12:02:42.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
JVNDB-2021-002273
Vulnerability from jvndb - Published: 2021-08-17 14:09 - Updated:2021-08-17 14:09
Severity
Summary
Multiple vulnerabilities in D-Link router DSL-2750U
Details
D-Link router DSL-2750U is vulnerable to unauthorized configuration modification (CWE-15, CVE-2021-3707) and OS command injection (CWE-78, CVE-2021-3708).
Mohammed Hadi reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002273.html",
"dc:date": "2021-08-17T14:09+09:00",
"dcterms:issued": "2021-08-17T14:09+09:00",
"dcterms:modified": "2021-08-17T14:09+09:00",
"description": "D-Link router DSL-2750U is vulnerable to unauthorized configuration modification (CWE-15, CVE-2021-3707) and OS command injection (CWE-78, CVE-2021-3708).\r\n\r\nMohammed Hadi reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002273.html",
"sec:cpe": {
"#text": "cpe:/o:dlink:dsl-2750u_firmware",
"@product": "DSL-2750U firmware",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "8.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "8.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-002273",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU92088210/",
"@id": "JVNVU#92088210",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3707",
"@id": "CVE-2021-3707",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3708",
"@id": "CVE-2021-3708",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-3707",
"@id": "CVE-2021-3707",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-3708",
"@id": "CVE-2021-3708",
"@source": "NVD"
},
{
"#text": "https://github.com/HadiMed/firmware-analysis/blob/main/DSL-2750U%20(firmware%20version%201.6)/README.md",
"@id": "GitHub / HadiMed / firmware-analysis",
"@source": "Related document"
},
{
"#text": "https://cwe.mitre.org/data/definitions/15.html",
"@id": "CWE-15",
"@title": "External Control of System or Configuration Setting(CWE-15)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Multiple vulnerabilities in D-Link router DSL-2750U"
}
JVNDB-2021-001343
Vulnerability from jvndb - Published: 2021-04-12 15:32 - Updated:2021-04-12 15:32
Severity
Summary
D-Link DAP-1880AC contains multiple vulnerabilities
Details
DAP-1880AC provided by D-Link Japan K.K. contains multiple vulnerabilities listed below.
* Improper access control (CWE-284) - CVE-2021-20694
* Improper privilege management (CWE-269) - CVE-2021-20695
* OS command injection (CWE-78) - CVE-2021-20696
* Missing authentication for critical function (CWE-306) - CVE-2021-20697
Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
References
| Type | URL | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001343.html",
"dc:date": "2021-04-12T15:32+09:00",
"dcterms:issued": "2021-04-12T15:32+09:00",
"dcterms:modified": "2021-04-12T15:32+09:00",
"description": "DAP-1880AC provided by D-Link Japan K.K. contains multiple vulnerabilities listed below. \r\n\r\n * Improper access control (CWE-284) - CVE-2021-20694\r\n * Improper privilege management (CWE-269) - CVE-2021-20695\r\n * OS command injection (CWE-78) - CVE-2021-20696\r\n * Missing authentication for critical function (CWE-306) - CVE-2021-20697\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001343.html",
"sec:cpe": {
"#text": "cpe:/o:dlink:dap-1880ac_firmware",
"@product": "DAP-1880AC firmware",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2021-001343",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU92898656/index.html",
"@id": "JVNVU#92898656",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20694",
"@id": "CVE-2021-20694",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20695",
"@id": "CVE-2021-20695",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20696",
"@id": "CVE-2021-20696",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20697",
"@id": "CVE-2021-20697",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20694",
"@id": "CVE-2021-20694",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20695",
"@id": "CVE-2021-20695",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20696",
"@id": "CVE-2021-20696",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-20697",
"@id": "CVE-2021-20697",
"@source": "NVD"
},
{
"#text": "https://cwe.mitre.org/data/definitions/269.html",
"@id": "CWE-269",
"@title": "Improper Privilege Management(CWE-269)"
},
{
"#text": "https://cwe.mitre.org/data/definitions/284.html",
"@id": "CWE-284",
"@title": "Improper Access Control(CWE-284)"
},
{
"#text": "https://cwe.mitre.org/data/definitions/306.html",
"@id": "CWE-306",
"@title": "Missing Authentication for Critical Function(CWE-306)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "D-Link DAP-1880AC contains multiple vulnerabilities"
}
JVNDB-2013-000110
Vulnerability from jvndb - Published: 2013-11-22 14:51 - Updated:2013-11-26 16:15Summary
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
Details
DES-3800 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in the Web manager function.
Note that this vulnerability is different from JVN#65312543.
Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000110.html",
"dc:date": "2013-11-26T16:15+09:00",
"dcterms:issued": "2013-11-22T14:51+09:00",
"dcterms:modified": "2013-11-26T16:15+09:00",
"description": "DES-3800 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in the Web manager function.\r\n\r\nNote that this vulnerability is different from JVN#65312543.\r\n\r\nHisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000110.html",
"sec:cpe": {
"#text": "cpe:/h:dlink:des-3800",
"@product": "DES-3800 ",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000110",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN28812735/index.html",
"@id": "JVN#28812735",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5998",
"@id": "CVE-2013-5998",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5998",
"@id": "CVE-2013-5998",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "D-Link DES-3800 Series vulnerable to denial-of-service (DoS)"
}
JVNDB-2013-000109
Vulnerability from jvndb - Published: 2013-11-22 14:50 - Updated:2013-11-26 16:09Summary
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
Details
DES-3800 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in the implementation of SSH.
Note that this vulnerability is different from JVN#28812735.
Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000109.html",
"dc:date": "2013-11-26T16:09+09:00",
"dcterms:issued": "2013-11-22T14:50+09:00",
"dcterms:modified": "2013-11-26T16:09+09:00",
"description": "DES-3800 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in the implementation of SSH.\r\n\r\nNote that this vulnerability is different from JVN#28812735.\r\n\r\nHisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000109.html",
"sec:cpe": {
"#text": "cpe:/h:dlink:des-3800",
"@product": "DES-3800 ",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000109",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN65312543/index.html",
"@id": "JVN#65312543",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5997",
"@id": "CVE-2013-5997",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5997",
"@id": "CVE-2013-5997",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "D-Link DES-3800 Series vulnerable to denial-of-service (DoS)"
}
JVNDB-2013-000090
Vulnerability from jvndb - Published: 2013-09-20 15:12 - Updated:2013-09-30 15:52Summary
D-Link DES-3810 Series vulnerable to denial-of-service (DoS)
Details
DES-3810 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in SSH implementation.
Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000090.html",
"dc:date": "2013-09-30T15:52+09:00",
"dcterms:issued": "2013-09-20T15:12+09:00",
"dcterms:modified": "2013-09-30T15:52+09:00",
"description": "DES-3810 Series provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in SSH implementation.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000090.html",
"sec:cpe": [
{
"#text": "cpe:/h:dlink:des-3810",
"@product": "DES-3810",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/o:dlink:des-3810_firmware",
"@product": "DES-3810 firmware",
"@vendor": "D-Link Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000090",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN70245052/",
"@id": "JVN#70245052",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4707",
"@id": "CVE-2013-4707",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4707",
"@id": "CVE-2013-4707",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "D-Link DES-3810 Series vulnerable to denial-of-service (DoS)"
}
JVNDB-2013-000089
Vulnerability from jvndb - Published: 2013-09-20 15:07 - Updated:2013-09-30 15:47Summary
D-Link DWL-2100AP vulnerable to denial-of-service (DoS)
Details
DWL-2100AP provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in SSH implementation.
Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000089.html",
"dc:date": "2013-09-30T15:47+09:00",
"dcterms:issued": "2013-09-20T15:07+09:00",
"dcterms:modified": "2013-09-30T15:47+09:00",
"description": "DWL-2100AP provided by D-Link Japan contains a denial-of-service (DoS) vulnerability due to an issue in SSH implementation.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000089.html",
"sec:cpe": [
{
"#text": "cpe:/a:dlink:dwl-2100ap_firmware",
"@product": "DWL-2100AP firmware",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/h:dlink:dwl-2100AP",
"@product": "DWL-2100AP",
"@vendor": "D-Link Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000089",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN03082733/",
"@id": "JVN#03082733",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4706",
"@id": "CVE-2013-4706",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4706",
"@id": "CVE-2013-4706",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "D-Link DWL-2100AP vulnerable to denial-of-service (DoS)"
}
JVNDB-2011-000092
Vulnerability from jvndb - Published: 2011-10-28 17:42 - Updated:2011-10-28 17:42Summary
Multiple D-Link products vulnerable to buffer overflow
Details
Multiple D-Link products contain a buffer overflow vulnerability.
Multiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue.
Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000092.html",
"dc:date": "2011-10-28T17:42+09:00",
"dcterms:issued": "2011-10-28T17:42+09:00",
"dcterms:modified": "2011-10-28T17:42+09:00",
"description": "Multiple D-Link products contain a buffer overflow vulnerability.\r\n\r\nMultiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue.\r\n\r\nHisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000092.html",
"sec:cpe": [
{
"#text": "cpe:/h:dlink:des-3800",
"@product": "DES-3800 ",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/h:dlink:dwl-2100AP",
"@product": "DWL-2100AP",
"@vendor": "D-Link Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/h:dlink:dwl-3200AP",
"@product": "DWL-3200AP",
"@vendor": "D-Link Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000092",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN72640744/index.html",
"@id": "JVN#72640744",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3992",
"@id": "CVE-2011-3992",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3992",
"@id": "CVE-2011-3992",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201110_dlink_en.html",
"@id": "Security Alert for Vulnerability in Multiple D-Link Products",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Multiple D-Link products vulnerable to buffer overflow"
}