5 matches found
CVE-2013-7053
D-Link DIR-100 4.03B07: cli.cgi CSRF...
CVE-2013-7053
D-Link DIR-100 4.03B07: cli.cgi CSRF...
CVE-2013-7053
CVE-2013-7053 concerns a CSRF vulnerability in the CLI CGI endpoint (cli.cgi) of the D-Link DIR-100 router with firmware 4.03B07. The intrinsic cause is cross-site request forgery to that endpoint, enabling an attacker to induce state-changing requests without user interaction. Public references ...
D-Link DIR-100多个安全漏洞
BUGTRAQ ID: 65290 CVECAN ID: CVE-2013-7051,CVE-2013-7052,CVE-2013-7053,CVE-2013-7054,CVE-2013-7055 D-Link DIR-100是集成了防火墙功能的小型宽带路由器。 D-Link DIR-100以太网宽带路由器没有正确限制对管理员Web接口的访问权、对cliget.cgi脚本的访问权、也没有对HTTP请求进行有效性验证,在实现上存在多个安全漏洞,攻击者可利用这些漏洞非法访问受限制功能、获取管理员凭证或其他敏感设置、更改管理员密码等。 0 D-Link DIR-100 4.03B07 厂商补丁...
D-Link DIR-100 CSRF / XSS / Disclosure / Authentication
Title: Router D-Link DIR-100 Multiple Vulnerabilities Date: 2013-12-18 Author: Felix Richter Contact: [email protected] Vulnerable Software: ftp://ftp.dlink.de/dir/dir-100/driversoftware/DIR-100fwrevd403b07ALLde20120410.zip Patched Software:...