CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 2CVE-2004-1650 – D-Link DCS-900 Camera - Remote IP Address Changer
https://notcve.org/view.php?id=CVE-2004-1650
D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. • https://www.exploit-db.com/exploits/425 http://marc.info/?l=bugtraq&m=109396893820049&w=2 http://miscname.com/public/dcs-900 http://secunia.com/advisories/12425 http://securitytracker.com/id?1011100 http://www.securityfocus.com/bid/11072 https://exchange.xforce.ibmcloud.com/vulnerabilities/17171 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0CVE-2004-0661
https://notcve.org/view.php?id=CVE-2004-0661
Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years. • http://marc.info/?l=bugtraq&m=108844250013785&w=2 http://secunia.com/advisories/12018 http://www.osvdb.org/7294 http://www.securityfocus.com/archive/1/367485 http://www.securityfocus.com/bid/10621 https://exchange.xforce.ibmcloud.com/vulnerabilities/16531 •
CVSS: 5.1EPSS: 1%CPEs: 3EXPL: 1CVE-2004-0615 – D-Link AirPlus DI-614+ / DI-624 / DI-704 - DHCP Log HTML Injection
https://notcve.org/view.php?id=CVE-2004-0615
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en D-Link DI-614+ SOHO router corriendo firmware 2.30 y DI-704 SOHO Router corriendo firmware 2.60B2 permite a atacantes remotos inyectar script arbitrario o HTML mediante la opción DHCP HOSTNAME en una petición DHCP. • https://www.exploit-db.com/exploits/24226 http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html http://marc.info/?l=bugtraq&m=108786257609932&w=2 http://marc.info/?l=bugtraq&m=108797273127182&w=2 http://secunia.com/advisories/11919 http://securitytracker.com/id?1010562 http://www.osvdb.org/7211 http://www.securityfocus.com/bid/10587 https://exchange.xforce.ibmcloud.com/vulnerabilities/16468 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2CVE-2003-1264
https://notcve.org/view.php?id=CVE-2003-1264
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. • http://www.iss.net/security_center/static/10997.php http://www.securityfocus.com/archive/1/305344 http://www.securityfocus.com/archive/1/305391 http://www.securityfocus.com/bid/6533 http://www.securitytracker.com/id?1005897 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2003-1346
https://notcve.org/view.php?id=CVE-2003-1346
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. • http://marc.info/?l=bugtraq&m=104267037431451&w=2 http://marc.info/?l=bugtraq&m=104311601319909&w=2 http://www.securityfocus.com/bid/6609 http://www.securitytracker.com/id?1005926 https://exchange.xforce.ibmcloud.com/vulnerabilities/11074 • CWE-264: Permissions, Privileges, and Access Controls •