Lucene search

K
cve[email protected]CVE-2015-5999
HistoryNov 18, 2015 - 4:59 p.m.

CVE-2015-5999

2015-11-1816:59:02
CWE-352
web.nvd.nist.gov
32
csrf
d-link
dir-816l
wireless router
firmware
cve-2015-5999
nvd

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.893 High

EPSS

Percentile

98.8%

Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.

Affected configurations

NVD
Node
dlinkdir-816l_firmwareRange2.05.b02
AND
dlinkdir-816lMatch-

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.893 High

EPSS

Percentile

98.8%