RSS   Vulnerabilities for 'Central wifimanager'   RSS

2019-07-06
 
CVE-2019-13375

CWE-89
 

 
A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication.

 
 
CVE-2019-13374

CWE-79
 

 
A cross-site scripting (XSS) vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter.

 
 
CVE-2019-13373

CWE-89
 

 
An issue was discovered in the D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL.

 
 
CVE-2019-13372

CWE-287
 

 
/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.

 
2019-01-31
 
CVE-2018-15515

CWE-264
 

 
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.

 

 >>> Vendor: Dlink 80 Products
Mpeg4 viewer activex control
Dir-615
Dcs-2121 firmware
Dcs-2121
Des-3800 firmware
Dwl-2100ap firmware
Dwl-3200ap firmware
Des-3800
Dwl-2100ap
Dwl-3200ap
Dir-685
Dsl-2640b
Dsl-2640b firmware
Dcs-2000
Dcs-5300
Dcs-900
Des-3810
Des-3810 firmware
Dsl-2740b
Dsl-2740b firmware
Dir865l
Dir865l firmware
Dsl-2760u
Des-3810-28
Des-3810-28 firmware
Dwr-932b firmware
Websmart dgs-1510 series firmware
Dsl-2730u firmware
Dwr-116 firmware
Dir-600m firmware
Dir-605l firmware
Dwr-933 firmware
Dir-601 firmware
Dir-620 firmware
Dir-818l(w) firmware
Dir-822 firmware
Dir-823 firmware
Dir-850l firmware
Dir-868l firmware
Dir-880l firmware
Dir-885l firmware
Dir-890l firmware
Dir-895l firmware
Dir-615 firmware
Eyeon baby monitor firmware
Dcm-604 firmware
Dcm-704 firmware
Dir-818lw firmware
Dir-860l firmware
Dir-140l firmware
Dir-640l firmware
Dsl-2770l firmware
Dwr-512 firmware
Dwr-555 firmware
Dwr-921 firmware
Dir-822-us firmware
Dir-823g firmware
Dva-5592 firmware
Dir-878 firmware
Central wifimanager
Dir-816 firmware
Dsl-3782 firmware
Dir-816l firmware
Dir-817lw firmware
Di-524 firmware
Dcs-5009l firmware
Dcs-5010l firmware
Dcs-5020l firmware
Dcs-5025l firmware
Dcs-5030l firmware
Dcs-930l firmware
Dcs-931l firmware
Dcs-932l firmware
Dcs-933l firmware
Dcs-934l firmware
Dir-300 firmware
Dir-865 firmware
Dcs-1130 firmware
Dcs-1100 firmware
Dir-655 firmware


Copyright 2019, cxsecurity.com

 

Back to Top