This page lists publicly disclosed CVE vulnerabilities affecting dlink dir-820l_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-52079 | The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp. | [email protected] | 8.8 | 0.49% | 2025-10-21 | 2026-06-17 |
| CVE-2024-51186 | D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. | [email protected] | 8.0 | 0.83% | 2024-11-11 | 2026-06-17 |
| CVE-2024-48150 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function. | [email protected] | 9.8 | 0.69% | 2024-10-14 | 2026-06-17 |
| CVE-2023-44809 | D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. | [email protected] | 9.8 | 0.85% | 2023-10-16 | 2026-06-17 |
| CVE-2023-44808 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. | [email protected] | 9.8 | 0.85% | 2023-10-16 | 2026-06-17 |
| CVE-2023-44807 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | [email protected] | 9.8 | 1.05% | 2023-10-06 | 2026-06-17 |
| CVE-2023-25281 | A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | [email protected] | 7.5 | 1.07% | 2023-03-15 | 2026-06-17 |
| CVE-2023-25280 KEV | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. | [email protected] | 9.8 | 98.05% | 2023-03-15 | 2026-06-17 |
| CVE-2023-25282 | A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | [email protected] | 6.5 | 1.04% | 2023-03-15 | 2026-06-17 |
| CVE-2023-25279 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload. | [email protected] | 9.8 | 31.98% | 2023-03-13 | 2026-06-17 |
| CVE-2023-25283 | A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | [email protected] | 7.5 | 1.18% | 2023-03-13 | 2026-06-17 |
| CVE-2022-34973 | D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp. | [email protected] | 7.5 | 14.76% | 2022-08-03 | 2026-06-17 |
| CVE-2022-26258 KEV | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. | [email protected] | 9.8 | 81.19% | 2022-03-27 | 2026-06-17 |
| CVE-2021-45382 KEV | A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched. | [email protected] | 9.8 | 97.84% | 2022-02-17 | 2026-06-17 |
| CVE-2015-1187 KEV | The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp. | [email protected] | 9.8 | 82.88% | 2017-09-21 | 2026-06-16 |