Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

dir-619l_firmware

Source -

NVDADP

CNA CVEs -

0

ADP CVEs -

11

CISA CVEs -

0

NVD CVEs -

57
Related CVEsRelated VendorsRelated AssignersReports
57Vulnerabilities found
CVE-2020-19320
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.20% / 78.95%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-619l_firmwaren/adir-619l
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-19319
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 63.14%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-619l_firmwaren/a202l
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-19323
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.57%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-619l_firmwaren/adir-619l
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-37791
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-24.05% / 96.06%
||
7 Day CHG~0.00%
Published-17 Jul, 2023 | 00:00
Updated-31 Oct, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-619l_firmwaren/adir-619l
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-20056
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-46.44% / 97.66%
||
7 Day CHG~0.00%
Published-11 Dec, 2018 | 09:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-605l_firmwaredir-605ldir-619l_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-20057
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-13.44% / 94.22%
||
7 Day CHG~0.00%
Published-11 Dec, 2018 | 09:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-619ldir-605l_firmwaredir-605ldir-619l_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2014-8361
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-93.99% / 99.89%
||
7 Day CHG+0.11%
Published-01 May, 2015 | 00:00
Updated-22 Oct, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-09||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

Action-Not Available
Vendor-atermn/aRealtek Semiconductor Corp.D-Link Corporation
Product-wf300hp2w500p_firmwaredir-501_firmwarewg1800hp4wr8165nwf800hp_firmwarewg1200hs2wf800hpw1200ex-msdir-809wg1200hp3_firmwaredir-600l_firmwaredir-619ldir-600lw1200ex_firmwarewg1900hp_firmwarewg1200hs2_firmwarewr8165n_firmwaredir-900ldir-615wg1800hp3_firmwarewg1200hp2wg1200hp_firmwarewg1200hs_firmwarew300p_firmwarewg1900hp2w500pwg1200hp2_firmwaredir-809_firmwarew1200exw300pwg1900hpw1200ex-ms_firmwarewg1200hprealtek_sdkwf300hp2_firmwaredir-905l_firmwaredir-615_firmwarewg1900hp2_firmwaredir-619l_firmwarewg1800hp4_firmwarewg1200hsdir-905ldir-501wg1200hp3dir-605ldir-605l_firmwaredir-515_firmwaredir-900l_firmwaredir-515wg1800hp3n/aSDK
  • Previous
  • 1
  • 2
  • Next