Lucene search

Dl4343 Firmware Security Vulnerabilities

cve

CVE-2019-20072

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS...

6.1CVSS

6AI Score

0.002EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20070

On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking...

6.1CVSS

6AI Score

0.002EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20071

On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all...

6.5CVSS

6.5AI Score

0.002EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20073

On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account...

6.1CVSS

6AI Score

0.002EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20076

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS...

6.1CVSS

6AI Score

0.002EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20074

On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi...

8.8CVSS

8.7AI Score

0.001EPSS

2019-12-30 12:15 AM

cve

CVE-2019-20075

On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6...

6.1CVSS

6AI Score

0.002EPSS

2019-12-30 12:15 AM