FAIL › dossier
· dossier confidence 20%
D-Link is a major networking vendor with a critical security track record characterized by repeated RCE vulnerabilities in consumer firmware, particularly in DIR-816A2 and DIR-823G devices. Their history of command injection flaws in HNAP1 and firmware components poses significant risk for CMMC environments.
D-Link has a documented history of critical remote code execution (RCE) vulnerabilities in consumer-grade firmware, particularly in DIR-816A2, DIR-820L, and DIR-823G devices, with multiple command injection flaws discovered between 2021 and 2024.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2024-02-08 | CVE-2024-24321 | critical | ⚡RCE | 50 | An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. |
| 2023-09-12 | CVE-2023-39637 | critical | ⚡RCE | 50 | D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. |
| 2022-03-28 | CVE-2022-26258 | critical | ⚡RCE | 50 | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. |
| 2021-11-04 | CVE-2020-25367 | critical | ⚡RCE | 50 | A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login. |
| 2021-11-04 | CVE-2020-25368 | critical | ⚡RCE | 50 | A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login. |
| 2022-08-23 | CVE-2021-42627 | critical | 35 | The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. | |
| 2022-05-23 | CVE-2022-28932 | critical | 35 | D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. | |
| 2021-11-04 | CVE-2020-25366 | critical | 35 | An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors. |
“Hidden Backdoor in Tenda Router Firmware”
“CVEs and Security Vulnerabilities - OpenCVE”
“ICS Advisories | CISA”
“Accenture Confirms Intrusion After Hacker Claims 35GB Data Breach”
“NVD - Cve-2026-56291”
“A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05.”
“Database CVE, CWE, CISA KEV & Vulnerability Intelligence | CVE Find”
“Hidden Backdoor in Tenda Router Firmware - DataBreachToday”
“ICS Advisories | CISA”
“Current Data Breaches Archive | Class Action U”
“VulnCheck Advisories”
“Fines Database — GDPR Enforcement Tracker”
“A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.”
“ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers”
“Database CVE, CWE, CISA KEV & Vulnerability Intelligence | CVE Find”
“Hidden Backdoor in Tenda Router Firmware - DataBreachToday”
“TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection”
“Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot”
“CVEs and Security Vulnerabilities - OpenCVE”
“An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.”
“ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers”
Open questions: D-Link's current patch management process for firmware updates · D-Link's compliance status with CMMC requirements