4 matches found
CVE-2019-14338
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface...
Design/Logic Flaw
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface...
CVE-2019-14336
CVE-2019-14336 affects D-Link 6600-AP and DWL-3600AP with firmware 4.2.0.14 Ax. The vulnerability enables post-authenticated dump of all configuration files via an insecure HTTP request to admin.cgi, leading to information disclosure. Multiple connected sources corroborate an authenticated access...
CVE-2019-14332
CVE-2019-14332 affects D-Link 6600-AP and DWL-3600AP (Ax 4.2.0.14). The issue is the use of weak SSH ciphers (e.g., diffie-hellman-group1-sha1) in affected firmware. Evidence in multiple sources confirms the vulnerability details and affected devices; some sources also reference related SSH brute...