CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-46033
https://notcve.org/view.php?id=CVE-2023-46033
19 Oct 2023 — D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control. D-Link (Non-US) DSL-2750U N300 ADSL2+ y (Non-US) DSL-2730U N150 ADSL2+ son vulnerables a un control de acceso incorrecto. La interfaz UART/Serial en la PCB proporciona salida de registro y un terminal root sin control de acceso adecuado. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10357 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-13960
https://notcve.org/view.php?id=CVE-2020-13960
08 Jun 2020 — D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name. Los dispositivos D-Link DSL 2730-U versiones IN_1.10 e IN_1.11 y DIR-600M versiones 3.04, poseen la cadena domain.name en la ruta de búsqueda de reso... • https://harigovind.org/articles/who-is-hijacking-my-nxdomains •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2017-6411 – D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-6411
01 Mar 2017 — Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. Vulnerabilidad de CSRF en dispositivos D-Link DSL-2730U C1 IN_1.00 permite a atacantes remotos cambiar la configuración del DNS o firewall o cualquier contraseña. D-Link DSL-2730U Wireless N 150 suffers from cross site request forgery vulnerabilities. • https://packetstorm.news/files/id/141390 • CWE-352: Cross-Site Request Forgery (CSRF) •