Dir-601 firmware

This hub aggregates every CVE we track for Dir-601 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 6 most recently published vulnerabilities affecting Dir-601 firmware.

• CVE-2019-16327D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this...9.8Dec 26, 2019
• CVE-2019-16326D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and ...8.8Dec 26, 2019
• CVE-2018-12710An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account (which is a low privilege account) access, an attacker can intercept the response...8.0Aug 29, 2018
• CVE-2018-10641D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.8.1May 4, 2018
• CVE-2018-5708An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cl...8.0Mar 30, 2018
• CVE-2011-4821Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors.5.0Jun 20, 2014