D-Link Central WiFi Manager CWM(100) - Remote Code Execution

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication. id: CVE-2019-13372 info:...

D-Link Central WifiManager - Server-Side Request Forgery

D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...

EUVD-2018-9195

Malware in sbrugna...

EUVD-2019-4872

Malware in sbrugna...

EUVD-2018-7392

Malware in sbrugna...

CVE-2019-13373

An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...

CVE-2019-13375

A SQL Injection was discovered in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication...

D-Link Central WiFiManager SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'csv' require 'digest' class MetasploitModule 'D-Link Central WiFiManager SQL injection', 'Description' = %q This module exploits a SQLi vulnerability found in...

D-Link Central WiFiManager SQL injection

This module exploits a SQLi vulnerability found in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. The vulnerability is an exposed API endpoint that allows the execution of SQL queries without authentication, using this vulnerability, it's possible to retrieve usernames and password...

D-Link Central WiFi Manager CWM(100) RCE

This module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM100 versions below v1.03R0100BETA6. The vulnerability exists in the username cookie, which is passed to eval without being sanitized. Dangerous functions are not disabled by default, which makes it possible ...

D-Link Central WiFi Manager CWM(100) Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Central WiFi Manager CWM100 RCE', 'Description' = %q This module exploits a PHP code injection vulnerability in D-Link Central WiFi Manage...

D-Link Central WiFi Manager (CWM-100) SQL Injection Vulnerability

D-Link Central WiFi Manager CWM-100 is a Web-based wireless access point management tool. A SQL injection vulnerability exists in the index.php/Pay/passcodeAuth passcode parameter in PayAction.class.php in versions prior to D-Link Central WiFi Manager CWM-100 1.03R0100BETA6. An attacker can explo...

D-Link Central WiFi Manager (CWM-100) Cross-Site Scripting Vulnerability

D-Link Central WiFi Manager CWM-100 is a Web-based wireless access point management tool. A cross-site scripting vulnerability exists in the resource view in PayAction.class.php in D-Link Central WiFi Manager CWM-100 versions prior to 1.03R0100BETA6. A remote attacker can exploit this vulnerabili...

CVE-2019-13372

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication...

CVE-2019-13375

A SQL Injection was discovered in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication...

Input validation

An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...

Sql injection

A SQL Injection was discovered in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication...

Cross site scripting

A cross-site scripting XSS vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter...

CVE-2019-13374

A cross-site scripting XSS vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter...

CVE-2018-15517

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...