Security Advisories
Security Advisories
Global Security Advisories, Responses, and Notices
View By: Vulnerability | Model Number
Title Resolved Published Last Updated Related Products
DIR-626L / DIR-636L / DIR-826L / DIR-836L - Authentication Bypass - USB Storage Directory Traversal - UPnP Buffer Overflow - Cross-Site Request Forgery (CSRF) Unauthenticated Bypass - Information Disclosure - / / v. 1.02 /
Publication ID: SAP10043
Yes 21 August 2014
9:04 GMT
11 September 2014
12:04 GMT
DIR-626L
DIR-636L
DIR-826L
DIR-836L
UPnP Software Stack Vulnerabilities (Rapid7) - Command Injection Via UDP - Affected/Corrected Devices
Publication ID: SAP10036
Yes 3 July 2014
1:10 GMT
21 August 2014
10:47 GMT
DWL-3200AP Rev. Ax / Bx - Unauthorized Command Bypass / Information Disclosure - FW: 2.40 / 2.55RC515
Publication ID: SAP10041
Partial 6 August 2014
11:47 GMT
14 August 2014
11:37 GMT
DWL-3200AP
DAP-2553 - Multiple Security Vulnerabilities: Authentication Bypass, XSS, CSRF, Remote Command Injection - Firmware 1.27 and lower
Publication ID: SAP10006
Yes 26 November 2013
10:56 GMT
11 August 2014
10:26 GMT
DAP-2553
DSP-W215 - Rev. A1 - Stack Overflow - Command Bypass - Information Disclosure- (FW 1.02 and Older)
Publication ID: SAP10027
Yes 15 May 2014
10:04 GMT
11 August 2014
10:22 GMT
DIR-280 - Rev. A1 - Change User Credentails without Authentication
Publication ID: SAP10021
Yes 17 March 2014
11:18 GMT
11 August 2014
10:20 GMT
DIR-280
DIR-652 / DIR-835 / DIR-855L / DGL-5500 / DHP-1565 - Storage of Passwords in clear text, Cross-Site Scripting (XSS), Information Disclosure - (FW 1.02b18/1.12b02 or older)
Publication ID: SAP10025
Partial 8 May 2014
9:10 GMT
11 August 2014
10:13 GMT
DGL-5500
DHP-1565
DIR-652
DIR-835
DIR-855L
DNS-315 / DNS-320 / DNS-320L / DNS-320LW / DNS-325 / DNS-327L / DNS-345 - Vulnerability allows unauthorized access to reboot/shutdown/reset - F/W (Varies/Model Table Attached)
Publication ID: SAP10040
Yes 16 July 2014
9:40 GMT
11 August 2014
10:10 GMT
DNS-315L
DNS-320
DNS-320L
DNS-320LW
DNS-325
DNS-327L
DNS-345
DIR-605L - Rev. A1 - Information Dislosure - Plain Text Password Display - Unauthorized Command By-pass - (FW 1.14 and Older)
Publication ID: SAP10028
Open 22 May 2014
6:44 GMT
11 August 2014
9:42 GMT
DIR-605L
DNS-315L Rev. Ax / DNS-320L Rev. Ax / DNS-327L Rev Ax / DNS-340L Rev A1 / DNS-345 -Rev Ax - Command Injection allows Unauthenticated Command Bypass
Publication ID: SAP10042
Partial 9 August 2014
12:20 GMT
11 August 2014
8:40 GMT
DNS-315L
DNS-320L
DNS-327L
DNS-340L
DNS-345
OSPF Feature Vulnerability - Recommendations for D-Link Products supporting OSPF
Publication ID: SAP10037
Yes 3 July 2014
5:21 GMT
17 July 2014
6:46 GMT
OpenSSL Security Vulnerability - aka. "Heartbleed Bug" - CVE-2014-0160 - Security Incident Response for D-Link Devices and Services
Publication ID: SAP10022
Yes 11 April 2014
1:39 GMT
17 July 2014
5:24 GMT
DIR-505 / DIR-505L / DAP-1320 - All Revisions - Stack Overflow - Command Bypass - Information Disclosure - (FW: 1.07 and older / 1.01 and older)
Publication ID: SAP10029
Partial 23 May 2014
5:19 GMT
17 July 2014
4:54 GMT
DAP-1320
DIR-505
DIR-505L
DAP-1320 - Path Traversal, Cross-Site Scripting (XSS) Vulnerabilities
Publication ID: SAP10024
Yes 8 May 2014
6:34 GMT
17 July 2014
4:34 GMT
DAP-1320
DNS-320 - H/W Ax - Command Injection resutls in Root Shell - F/W 2.03 and older
Publication ID: SAP10039
Yes 16 July 2014
8:48 GMT
16 July 2014
10:36 GMT
DNS-320
DNR-322L/DNR-326 Rev. Ax - Multiple Vulnerabilities - F/W 1.x and Older
Publication ID: SAP10038
Yes 16 July 2014
7:03 GMT
16 July 2014
7:03 GMT
DNR-322L
DNR-326
DSR-150, DSR-250(N), DSR-500(N),1000(N) & DWC-1000 Authentication Bypass, Arbitrary Command Execution, persistent admin user, weak hash algorithms, credentials stored in plain-text, UPnP stack vulnerabilities, and bad local-file system permissions.
Publication ID: SAP10012
Yes 27 February 2014
10:03 GMT
2 July 2014
9:57 GMT
DSR-1000
DSR-1000N
DSR-150
DSR-150N
DSR-250
DSR-250N
DSR-500
DSR-500N
DWC-1000
DIR-100 Rev D1 /DIR-300 Rev Ax / DIR-320 Rev Ax / DIR-615 Rev D3 - Multiple Vulnerabilities - Command Injection, CSRF, XSS, Information Disclosure
Publication ID: SAP10017
Yes 7 March 2014
1:33 GMT
2 July 2014
6:51 GMT
DIR-100
DIR-615
DIR-635 Rev. B1 - CSRF, XSS, and Improper handling of Credentials - FW 2.34EU and Older
Publication ID: SAP10035
Open 2 July 2014
6:38 GMT
2 July 2014
6:38 GMT
DWC-1000 - Rev. Ax - Relative Path Traversal Attack (Null Byte) - (F/W 4.2.0.6_WW and Older)
Publication ID: SAP10026
Yes 10 May 2014
12:08 GMT
2 July 2014
6:17 GMT
DWC-1000