EUVD-2008-1274

Malware in sbrugna...

EUVD-2019-2727

Malware in sbrugna...

The vulnerability of D-Link DI-524 router’s microprogramming software lies in the lack of protective measures for the website structure, allowing attackers to inject arbitrary JavaScript code into the device’s web interface pages.

The vulnerability of D-Link DI-524 router’s microprogram code exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject JavaScript code into the device’s web interface pages. The web configuration files,...

Cross site scripting

On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter...

CVE-2019-11017

On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter...

CVE-2019-11017

On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter...

CVE-2019-11017

On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter...

CVE-2019-11017

CVE-2019-11017 affects the D-Link DI-524 router (V2.06RU). The vulnerability is described as multiple Stored and Reflected Cross-Site Scripting (XSS) in the Web Configuration pages: /spap.htm, /smap.htm, and /cgi-bin/smap (via the RC parameter). Root cause noted by CNVD/NVD entries is lack of pro...

D-Link DI-524 Cross-Site Scripting (CVE-2019-11017)

A cross-site scripting vulnerability exists in D-Link DI-524. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...

D-Link DI-524 Cross-Site Scripting Vulnerability

The D-Link DI-524 is a wireless router from AUO D-Link of Taiwan, China. A cross-site scripting vulnerability exists in the D-Link DI-524 version 2.06RU, which originates from a WEB application that lacks proper validation of client data. An attacker can exploit this vulnerability to execute...

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Date: April 6, 2019 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-5...

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting

Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Date: April 6, 2019 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-524 - V2.06RU CVE : CVE-2019-11017 To re-create Reflect...

D-Link DI-524 2.06RU Cross Site Scripting

Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Date: April 6, 2019 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-524 - V2.06RU CVE : CVE-2019-11017 To re-create Reflect...

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-524 - V2.06RU CV...

CVE-2017-5633

Multiple cross-site request forgery CSRF vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to 1 change the admin password, 2 reboot the device, or 3 possibly have unspecified other impact via crafted requests to CGI programs...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to 1 change the admin password, 2 reboot the device, or 3 possibly have unspecified other impact via crafted requests to CGI programs...

CVE-2017-5633

Multiple cross-site request forgery CSRF vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to 1 change the admin password, 2 reboot the device, or 3 possibly have unspecified other impact via crafted requests to CGI programs...

CVE-2017-5633

CVE-2017-5633 describes multiple CSRF vulnerabilities affecting the D-Link DI-524 Wireless Router running firmware 9.01. The issue enables remote attackers to perform actions via crafted requests to CGI programs, including changing the admin password and rebooting the device (and possibly other i...

PT-2017-16633 · D Link · D-Link Di-524 Wireless Router

Name of the Vulnerable Software and Affected Versions: D-Link DI-524 Wireless Router version 9.01 Description: The issue affects the D-Link DI-524 Wireless Router, allowing remote attackers to perform certain actions due to multiple cross-site request forgery CSRF vulnerabilities. These actions...

D-link DI-524 Cross-Site Request Forgery Vulnerability

The D-link DI-524 is a wireless router from AUO D-Link. A cross-site request forgery vulnerability exists in D-link DI-524 version 9.01. An attacker can exploit this vulnerability to perform unauthorized operations and gain access to affected applications...