Security Advisories
Security Advisories
Global Security Advisories, Responses, and Notices
Title Resolved Published Last Updated Related Products
OSPF Feature Vulnerability - Recommendations for D-Link Products supporting OSPF
Publication ID: SAP10037
Yes 3 July 2014
5:21 GMT
17 July 2014
6:46 GMT
OpenSSL Security Vulnerability - aka. "Heartbleed Bug" - CVE-2014-0160 - Security Incident Response for D-Link Devices and Services
Publication ID: SAP10022
Yes 11 April 2014
1:39 GMT
17 July 2014
5:24 GMT
DIR-505 / DIR-505L / DAP-1320 - All Revisions - Stack Overflow - Command Bypass - Information Disclosure - (FW: 1.07 and older / 1.01 and older)
Publication ID: SAP10029
Partial 23 May 2014
5:19 GMT
17 July 2014
4:54 GMT
DAP-1320
DIR-505
DIR-505L
DAP-1320 - Path Traversal, Cross-Site Scripting (XSS) Vulnerabilities
Publication ID: SAP10024
Yes 8 May 2014
6:34 GMT
17 July 2014
4:34 GMT
DAP-1320
DNS-320 - H/W Ax - Command Injection resutls in Root Shell - F/W 2.03 and older
Publication ID: SAP10039
Yes 16 July 2014
8:48 GMT
16 July 2014
10:36 GMT
DNS-320
DNS-315/320/320L/320LW/325/327L/345 - Vulnerability allows unauthorized access to reboot/shutdown/reset - F/W (Varies/Model Table Attached)
Publication ID: SAP10040
Yes 16 July 2014
9:40 GMT
16 July 2014
9:44 GMT
DNS-320
DNS-320L
DNS-325
DNS-327L
DNS-345
DNR-322L/DNR-326 Rev. Ax - Multiple Vulnerabilities - F/W 1.x and Older
Publication ID: SAP10038
Yes 16 July 2014
7:03 GMT
16 July 2014
7:03 GMT
DNR-322L
DNR-326
(Rapid7) Device UPnP Software Stack - Command Injection Via UDP - Affected/Corrected Device-List
Publication ID: SAP10036
Yes 3 July 2014
1:10 GMT
3 July 2014
3:13 GMT
DSR-150, DSR-250(N), DSR-500(N),1000(N) & DWC-1000 Authentication Bypass, Arbitrary Command Execution, persistent admin user, weak hash algorithms, credentials stored in plain-text, UPnP stack vulnerabilities, and bad local-file system permissions.
Publication ID: SAP10012
Yes 27 February 2014
10:03 GMT
2 July 2014
9:57 GMT
DSR-1000
DSR-1000N
DSR-150
DSR-150N
DSR-250
DSR-250N
DSR-500
DSR-500N
DWC-1000
DIR-100 Rev D1 /DIR-300 Rev Ax / DIR-320 Rev Ax / DIR-615 Rev D3 - Multiple Vulnerabilities - Command Injection, CSRF, XSS, Information Disclosure
Publication ID: SAP10017
Yes 7 March 2014
1:33 GMT
2 July 2014
6:51 GMT
DIR-100
DIR-615
DIR-635 Rev. B1 - CSRF, XSS, and Improper handling of Credentials - FW 2.34EU and Older
Publication ID: SAP10035
Open 2 July 2014
6:38 GMT
2 July 2014
6:38 GMT
DWC-1000 - Rev. Ax - Relative Path Traversal Attack (Null Byte) - (F/W 4.2.0.6_WW and Older)
Publication ID: SAP10026
Yes 10 May 2014
12:08 GMT
2 July 2014
6:17 GMT
DWC-1000
DWR-113 Rev. Ax - CSRF causing Denial of Service - FW v. 2.02 or older
Publication ID: SAP10034
Yes 2 July 2014
4:34 GMT
2 July 2014
4:43 GMT
DIR-615 - Rev. Ex - Web Configuration Pages have CSRF Vulnerabilities- (F/W 5.10 and Lower)
Publication ID: SAP10016
Yes 7 March 2014
1:08 GMT
1 July 2014
7:47 GMT
DIR-615
DIR-300 rev B / DIR-600 rev B / DIR-645 / DIR-845 / DIR-865 - Command Injection by UPnP Interface
Publication ID: SAP10033
Yes 1 July 2014
7:44 GMT
1 July 2014
7:44 GMT
DIR-615
DIR-645
DIR-865L
DIR-300 Rev. Bx / DIR-600 Rev Bx - Multiple Vulnerabilities - Command Injection, Information Disclosure, Plain-Text Password Storage, Unauthorized Password Change, Local Path Disclossure, XSS, (FW 2.03/2.14 and older)
Publication ID: SAP10032
Yes 30 June 2014
10:01 GMT
30 June 2014
10:01 GMT
DIR-600
DIR-600 / DIR-300 revB / DIR-815 / DIR-645 / DIR-412 / DIR-456 / DIR-110 - Multiple Vulneribilities - Commeand Injection and Information Disclosure,
Publication ID: SAP10031
Yes 30 June 2014
9:32 GMT
30 June 2014
9:32 GMT
DIR-600
DIR-615
DIR-645
DIR-600 - Rev. Bx - Web Configuration Pages have CSRF Vulnerabiliies - (F/W 2.16WW and lower)
Publication ID: SAP10018
Open 7 March 2014
9:10 GMT
30 June 2014
9:05 GMT
DAP-1150- Rev. Bx - Multiple Vulnerabilities - CSRF, XSS, Information Disclosure - (FW: Bx: 2.x)
Publication ID: SAP10030
Open 27 June 2014
12:28 GMT
30 June 2014
8:30 GMT
DSP-W215 - Rev. A1 - Stack Overflow - Command Bypass - Information Disclosure- (FW 1.02 and Older)
Publication ID: SAP10027
Open 15 May 2014
10:04 GMT
12 June 2014
4:48 GMT