Page 29 of 157 results (0.007 seconds)

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. • https://www.exploit-db.com/exploits/27923 http://secunia.com/advisories/20343 http://securityreason.com/securityalert/980 http://securitytracker.com/id?1016173 http://www.eazel.es/media/advisory003-D-Link-DSA-3100-Cross-Site-Scripting.html http://www.securityfocus.com/archive/1/435212/100/0/threaded http://www.securityfocus.com/bid/18168 http://www.vupen.com/english/advisories/2006/2028 https://exchange.xforce.ibmcloud.com/vulnerabilities/26759 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2

Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. • http://securitytracker.com/id?1016038 http://www.gnucitizen.org/projects/router-hacking-challenge http://www.securiteam.com/securitynews/5JP0220IKK.html http://www.securityfocus.com/archive/1/489009/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26555 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 9%CPEs: 2EXPL: 2

D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. • https://www.exploit-db.com/exploits/27241 http://secunia.com/advisories/18932 http://securityreason.com/securityalert/441 http://www.securityfocus.com/archive/1/425169/100/0/threaded http://www.securityfocus.com/bid/16690 http://www.vupen.com/english/advisories/2006/0637 https://exchange.xforce.ibmcloud.com/vulnerabilities/24762 •

CVSS: 5.0EPSS: 12%CPEs: 4EXPL: 3

D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. • https://www.exploit-db.com/exploits/1496 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0188.html http://secunia.com/advisories/18833 http://www.securityfocus.com/bid/16621 http://www.thunkers.net/~deft/advisories/dlink_udp_dos.txt http://www.vupen.com/english/advisories/2006/0563 https://exchange.xforce.ibmcloud.com/vulnerabilities/24631 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. • http://marc.info/?l=bugtraq&m=111652806030943&w=2 http://www.vupen.com/english/advisories/2005/0573 •