32 matches found
CVE-2018-6213
In the web server on D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account...
CVE-2018-6211
CVE-2018-6211 affects D-Link DIR-620 routers (firmware variants 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, 2.0.22). Root cause: OS command injection due to incorrect processing of the res_buf parameter in index.cgi. Impact: remote attacker could execute OS commands on the device. Public advisorie...
Hardcoded credentials
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session...
CVE-2018-6210
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session...
CVE-2018-6210
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session...
CVE-2018-6210
The CVE-2018-6210 entry concerns D-Link DIR-620 routers with a Rostelekom variant of firmware 1.0.37 that ship a hardcoded rostel account. The underlying risk is that an unauthenticated remote attacker can obtain access via TELNET, enabling privileged router access (the OS/user account context fr...
D-Link DIR-620 Router Cross Site Scripting Vulnerability
D-link DIR-620 is a wireless router product from AUO D-Link. A cross-site scripting vulnerability exists in the D-Link DIR-620 due to the program failing to filter for special characters in the 'Search' field and failing to properly handle XMLHttpRequest objects. A remote attacker can use this...
D-Link DIR-620 Router OS Command Injection Vulnerability
D-link DIR-620 is a wireless router product from AUO D-Link. An operating system command injection vulnerability exists in the D-Link DIR-620 that stems from the program failing to properly handle the 'resbuf' parameter passed to the index.cgi file. An attacker can exploit this vulnerability to...
D-Link DIR-620 Router Information Disclosure Vulnerability
D-link DIR-620 is a wireless router product of AUO D-Link. web server is one of the web servers. A security vulnerability exists in the web server of the D-Link DIR-620, which originates from the use of a hard-coded password for the admin account. An attacker can exploit this vulnerability to...
PT-2018-3916 · D Link · D-Link Dir-620
Name of the Vulnerable Software and Affected Versions: D-Link DIR-620 versions 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, 2.0.22 Description: The issue exists due to inadequate protection of the web interface structure in the D-Link DIR-620 router's firmware. This allows a remote attacker to...
PT-2018-3887 · D Link · Dir-620
Name of the Vulnerable Software and Affected Versions: D-Link DIR-620 devices with customized firmware versions 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22 Description: The issue is related to a hardcoded password for the admin account, specifically set to anonymous. This could allow a...
PT-2018-3904 · D Link · D-Link Dir-620
Name of the Vulnerable Software and Affected Versions: D-Link DIR-620 versions 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22 Description: The issue is related to incorrect processing of the res buf parameter to "index.cgi", allowing OS command injection. This can be exploited by a remote...