Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dsl\-3782_firmware
(Dlink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-29 | CVE-2022-34528 | D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. | Dsl\-3782_firmware | 8.8 | ||
| 2022-08-23 | CVE-2022-35191 | D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request. | Dsl\-3782_firmware | 6.5 | ||
| 2022-08-26 | CVE-2022-35192 | D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp. | Dsl\-3782_firmware | 7.5 | ||
| 2023-10-10 | CVE-2023-44959 | An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page. | Dsl\-3782_firmware | 8.8 | ||
| 2018-05-23 | CVE-2018-8898 | A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel. | Dsl\-3782_firmware | 9.8 | ||
| 2019-04-01 | CVE-2018-17990 | An issue was discovered on D-Link DSL-3782 devices with firmware 1.01. An OS command injection vulnerability in Acl.asp allows a remote authenticated attacker to execute arbitrary OS commands via the ScrIPaddrEndTXT parameter. | Dsl\-3782_firmware | 8.8 | ||
| 2019-04-01 | CVE-2018-17989 | A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/New_GUI/Acl.asp" is requested. | Dsl\-3782_firmware | 5.4 |