CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-7320
https://notcve.org/view.php?id=CVE-2013-7320
Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware before 1.30 allows remote attackers to hijack the authentication of administrators for requests that modify configuration settings via unspecified vectors. Vulnerabilidad de CSRF en el punto de acceso D-Link DAP-2253 (Rev. A1) con firmware anterior a 1.30 permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que modifican la configuración a través de vectores no especificados. • http://secunia.com/advisories/56022 http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10006 http://www.securityfocus.com/bid/64297 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2292
https://notcve.org/view.php?id=CVE-2010-2292
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en las herramientas Ping del interfase web en el router Dlink Di-604, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro IP. • http://www.securityfocus.com/archive/1/511751/100/0/threaded http://www.securityfocus.com/bid/40691 https://exchange.xforce.ibmcloud.com/vulnerabilities/59364 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2293
https://notcve.org/view.php?id=CVE-2010-2293
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. La interfaz web de las herramientas Ping en el enrutador Dlink Di-604 permite a usuarios remotos autenticados causar una denegación de servicio a través de un campo "ip textfield" demasiado grande. • http://www.securityfocus.com/archive/1/511751/100/0/threaded http://www.securityfocus.com/bid/40691 https://exchange.xforce.ibmcloud.com/vulnerabilities/59366 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 4CVE-2010-0936 – D-Link DKVM-IP8 - 'auth.asp' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-0936
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en auth.asp en D-LINK DKVM-IP8 con firmware 2282_dlinkA4_p8_20071213, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro nickname. • https://www.exploit-db.com/exploits/33471 https://www.exploit-db.com/exploits/11030 http://osvdb.org/61615 http://secunia.com/advisories/38051 http://www.exploit-db.com/exploits/11030 http://www.securityfocus.com/bid/37646 http://www.vupen.com/english/advisories/2010/0083 https://exchange.xforce.ibmcloud.com/vulnerabilities/55429 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2009-3347
https://notcve.org/view.php?id=CVE-2009-3347
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer en el router inalámbrico D-Link DIR-400, permite a atacantes remotos ejecutar código de su elección a através de vectores no especificados, como se ha demostrado en determinado módulo de VulnDisco Pack Professional v8.10 hasta v8.11. NOTA: A fecha de 17/09/2009 este aviso no cuenta con más información. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36454 http://www.osvdb.org/57791 http://www.securityfocus.com/bid/36237 http://www.securitytracker.com/id?1022826 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •