CVSS: 5.3EPSS: 21%CPEs: 88EXPL: 1CVE-2024-0717 – D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
https://notcve.org/view.php?id=CVE-2024-0717
19 Jan 2024 — A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, D... • https://github.com/999zzzzz/D-Link • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2014-10025
https://notcve.org/view.php?id=CVE-2014-10025
13 Jan 2015 — Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point, (5) SSID, (6) Country, (7) Channel, (8) Wireless mode, or (9) Max Associated Clients setting via a crafted request to index.cgi. Múltiples vulnerabilidades de CSRF en D-Link DAP-1360 con firmware 2.5.4 y anteriores permiten a atacant... • http://seclists.org/fulldisclosure/2014/Nov/19 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2014-10026
https://notcve.org/view.php?id=CVE-2014-10026
13 Jan 2015 — index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin. index.cgi en D-Link DAP-1360 con firmware 2.5.4 y anteriores permite a atacantes remotos evadir la autenticación y obtener información sensible mediante la configuración de la cookie client_login en admin. • http://seclists.org/fulldisclosure/2014/Nov/19 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2014-10027
https://notcve.org/view.php?id=CVE-2014-10027
13 Jan 2015 — Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the filter, or (3) remove a MAC address from the filter via a crafted request to index.cgi. Múltiples vulnerabilidades de CSRF en el router D-Link DAP-1360 con firmware 2.5.4 y anteruiores permiten a atacantes remotos secuestrar la autent... • http://seclists.org/fulldisclosure/2014/Nov/100 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2014-10028
https://notcve.org/view.php?id=CVE-2014-10028
13 Jan 2015 — Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi when res_config_id is set to 41. Vulnerabilidad de XSS en el router D-Link DAP-1360 con firmware 2.5.4 y posteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro res_buf parameter en index.cgi cuando res_config_id está configurado a 41. • http://seclists.org/fulldisclosure/2014/Nov/100 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •