This page lists publicly disclosed CVE vulnerabilities affecting dlink dwl-2600ap_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-0127 | A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root. | [email protected] | 7.8 | 1.98% | 2023-02-11 | 2026-06-17 |
| CVE-2019-20501 | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter. | [email protected] | 7.8 | 90.48% | 2020-03-05 | 2026-06-16 |
| CVE-2019-20500 KEV | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter. | [email protected] | 7.8 | 97.11% | 2020-03-05 | 2026-06-16 |
| CVE-2019-20499 | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter. | [email protected] | 7.8 | 96.64% | 2020-03-05 | 2026-06-16 |