Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

D-Link Central WiFiManager Software Controller Multiple Vulnerabilities

🗓️ 04 Oct 2018 00:00:00Reported by Core SecurityType 
coresecurity
 coresecurity👁 556 Views

D-Link Central WiFiManager Software Controller Multiple Vulnerabilities. Unrestricted file upload, improper authorization, and cross-site scripting lead to code execution. Hardcoded FTP credentials

Related
ReporterTitlePublishedViews
Family
0day.today		D-Link Central WiFiManager Software Controller Code Execution / XSS Exploit
5 Oct 201800:00
zdt
BDU FSTEC		The vulnerability of the UpdateSite function in the software controller for centralized control of wireless networks by D-Link Central WiFi Manager allows a intruder to inject any arbitrary code into the uploaded web page.
10 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the onUploadLogPic component of the software controller allows for the insertion of arbitrary HTML code by intruders, enabling them to manipulate wireless networks through the D-Link Central WiFi Manager.
10 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the software controller for the centralized control of wireless networks by D-Link Central WiFi Manager arises from the lack of measures taken to protect the website structure. This allows a hacker to inject arbitrary code into the uploaded web page.
10 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the software controller for the centralized control of wireless networks by D-Link Central WiFi Manager arises from the use of pre-installed credentials. This allows a hacker to execute arbitrary PHP code.
10 Jan 201900:00
bdu_fstec
Circl		CVE-2018-17440
5 Oct 201800:00
circl
Circl		CVE-2018-17441
5 Oct 201800:00
circl
Circl		CVE-2018-17442
5 Oct 201800:00
circl
Circl		CVE-2018-17443
5 Oct 201800:00
circl
CNVD		D-Link Central WiFi Manager Cross-Site Scripting Vulnerability (CNVD-2018-20464)
10 Oct 201800:00
cnvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Oct 2018 00:00Current
9High risk
Vulners AI Score9
CVSS 27.5
CVSS 39.8
EPSS0.3689
d-linkwifimanagervulnerabilitiescode executionhardcoded credentialssecurity advisoryphp filecross-site scriptingfile upload
556