Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/13 12:0 a.m.32 views

D-Link Central WiFiManager CWM-100 Remote Code Execution (CVE-2019-13372)

A remote code execution vulnerability exists in D-Link Central WiFiManager CWM-10. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.80682EPSS
Exploits4
Metasploit
Metasploit
added 2020/08/18 5:41 p.m.44 views

D-Link Central WiFi Manager CWM(100) RCE

This module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM100 versions below v1.03R0100BETA6. The vulnerability exists in the username cookie, which is passed to eval without being sanitized. Dangerous functions are not disabled by default, which makes it possible ...

9.8CVSS9.6AI score0.80682EPSS
Exploits4
0day.today
0day.today
added 2020/08/18 12:0 a.m.291 views

D-Link Central WiFi Manager CWM(100) Remote Code Execution Exploit

This Metasploit module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM100 versions below v1.03R0100BETA6. The vulnerability exists in the username cookie, which is passed to eval without being sanitized. Dangerous functions are not disabled by default, which makes i...

9.8CVSS9.8AI score0.80682EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/08/18 12:0 a.m.271 views

D-Link Central WiFi Manager CWM(100) Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Central WiFi Manager CWM100 RCE', 'Description' = %q This module exploits a PHP code injection vulnerability in D-Link Central WiFi Manage...

7.5CVSS0.80682EPSS
Exploits4
Circl
Circl
added 2019/07/07 1:59 a.m.27 views

CVE-2019-13372

creationtimestamp| type| source ---|---|--- 2019-07-07 01:59:52+00:00| seen| https://t.me/cveNotify/285 2020-08-18 14:46:07+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dlinkcentralwifimanagerrce.rb 2025-02-06 03:13:44+00:00| seen|...

9.8CVSS7.2AI score0.80682EPSS
In wildExploits4References7
NVD
NVD
added 2019/07/06 11:15 p.m.37 views

CVE-2019-13372

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication...

9.8CVSS9.8AI score0.80682EPSS
Exploits4References4
CVE
CVE
added 2019/07/06 10:54 p.m.369 views

CVE-2019-13372

D-Link Central WiFi Manager CWM(100) is affected by a remote code execution vulnerability in /web/Lib/Action/IndexAction.class.php. Before v1.03R0100_BETA6, a crafted cookie can trigger eval injection via the cookie’s username field, and an empty password bypasses authentication, enabling unauthe...

9.8CVSS9.8AI score0.80682EPSS
In wildExploits4References4Affected Software1
Rows per page
Query Builder