28 matches found
D-Link Central WiFi Manager CWM(100) - Remote Code Execution
/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication. id: CVE-2019-13372 info:...
D-Link Central WifiManager - Server-Side Request Forgery
D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...
EUVD-2018-7392
Malware in sbrugna...
D-Link Central WiFiManager SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'csv' require 'digest' class MetasploitModule 'D-Link Central WiFiManager SQL injection', 'Description' = %q This module exploits a SQLi vulnerability found in...
VulnCheck KEV: CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
D-Link Central WiFiManager CWM-100 SQL Injection (CVE-2019-13373)
An SQL injection vulnerability exists in D-Link Central WiFiManager CWM-100. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
D-Link Central WiFiManager SQL injection
This module exploits a SQLi vulnerability found in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. The vulnerability is an exposed API endpoint that allows the execution of SQL queries without authentication, using this vulnerability, it's possible to retrieve usernames and password...
CVE-2018-15516
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF...
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
CVE-2018-15515
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges...
CVE-2018-15515
The CVE-2018-15515 entry concerns D-LINK Central WiFiManager CWM-100 (firmware 1.03 r0098). The vulnerability arises from loading Trojan file quserex.dll from the CaptivelPortal.exe subdirectory, enabling a local unprivileged user to gain SYSTEM privileges via a Trojan/DLL hijack scenario. The co...
CVE-2018-15516
CVE-2018-15516 affects the D-Link Central WiFiManager CWM-100, version 1.03 r0098, where the FTP server component can be abused to perform a PORT command bounce scan on port 8000, resulting in a Server-Side Request Forgery (SSRF) . Documented impact includes remote abuse of the network and potent...
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
CVE-2018-15515
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges...
CVE-2018-15517
CVE-2018-15517 affects D-Link Central WifiManager CWM-100, version 1.03 r0098, where the MailConnect feature (meant to check SMTP connections) improperly allows outbound TCP to any port/IP, enabling server-side request forgery (SSRF). Exploitation demos show a URI like index.php/System/MailConnec...
Command Execution Vulnerability in D-link Central WifiManager
D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. A code execution vulnerability exists in the implementation of D-Link Central WiFiManager, which can be exploited by an attacker to gain control of a web server...
D-Link Central WiFiManager Software Controller Detection Consolidation
Consolidation of D-Link Central WiFiManager Software Controller detections. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
D-Link Central WiFiManager Software Controller Detection (Windows SMB Login)
This script detects the installed version of D-Link Central WiFiManager Software Controller for Windows. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
D-LINK Central WifiManager CWM-100 FTP Server Port Bounce Scanning Vulnerability
D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. The FTP server component of D-LINK Central WifiManager can be used as a man-in-the-middle machine to allow PORT Command bounce scanning attacks. This vulnerability allows remote attackers to abuse the network a...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery Vulnerability
Using a web browser or script server-side request forgery SSRF can be initiated against internal/external systems to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a...