CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of D-Link DIR-601 router’s microprogramming software, related to authentication deficiencies, allows attackers to escalate their privileges.

The vulnerability of D-Link DIR-601 router’s microprogramming software is related to authentication deficiencies. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

10CVSS7.7AI score0.01805EPSS

Exploits1References3Affected Software1

CNVD•added 2019/12/27 12:0 a.m.•2 views

D-Link DIR-601 Cross-Site Request Forgery Vulnerability

The D-Link DIR-601 B1 is a wireless router from AUO D-Link of Taiwan, China. A cross-site request forgery vulnerability exists in the D-Link DIR-601 B1 version 2.00NA. The vulnerability stems from a WEB application that does not adequately verify that a request is from a trusted user. An attacker...

8.8CVSS6.9AI score0.0064EPSS

Exploits1References1

NVD•added 2019/12/26 6:15 p.m.•10 views

CVE-2019-16326

D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product...

8.8CVSS9.2AI score0.0064EPSS

Exploits1References1

Prion•added 2019/12/26 6:15 p.m.•12 views

Cross site request forgery (csrf)

6.8CVSS9.2AI score0.01805EPSS

Exploits2References1Affected Software1

Cvelist•added 2019/12/26 5:27 p.m.•18 views

CVE-2019-16326

9AI score0.0064EPSS

Exploits1References1

Symantec•added 2019/12/24 12:0 a.m.•28 views

D-Link DIR-601 B1 CVE-2019-16326 Cross Site Request Forgery Vulnerability

Description D-Link DIR-601 B1 is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. D-Link DIR-601 B1 2.00NA is vulnerable; other versions may...

1.5AI score0.0064EPSS

Exploits1References2Affected Software1

Symantec•added 2019/12/24 12:0 a.m.•30 views

D-Link DIR-601 CVE-2019-16327 Authentication Bypass Vulnerability

Description D-Link DIR-601 is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. D-Link DIR-601 Router 2.00NA is vulnerable; other versions may also be affected...

1.9AI score0.01805EPSS

Exploits1References2Affected Software1

CNVD•added 2018/08/30 12:0 a.m.•4 views

D-Link DIR-601 Elevation of Privilege Vulnerability

D-Link DIR-601 is a wireless router product from AUO D-Link. A security vulnerability exists in the D-Link DIR-601 version 2.02NA, which originates from the inclusion of an administrator password in XML. A local attacker can exploit this vulnerability by hijacking the response to a POST request t...

8CVSS8.1AI score0.76507EPSS

Exploits4References1

NVD•added 2018/08/29 7:29 p.m.•20 views

CVE-2018-12710

An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account which is a low privilege account access, an attacker can intercept the response from a POST request to obtain "Admin" rights due to the admin password being displayed in XML...

8CVSS7.8AI score0.76507EPSS

Exploits4References2

Cvelist•added 2018/08/29 7:0 p.m.•19 views

CVE-2018-12710

7.8AI score0.76507EPSS

Exploits4References2

Positive Technologies•added 2018/08/17 12:0 a.m.•3 views

PT-2018-3889 · D Link · D-Link Dir-601

Name of the Vulnerable Software and Affected Versions: D-Link DIR-601 version 2.02NA Description: An issue allows an attacker with low privilege "User" account access to intercept the response from a POST request and obtain "Admin" rights due to the admin password being displayed in XML. The...

9CVSS7.7AI score0.76507EPSS

Exploits4References4

exploitpack•added 2018/07/10 12:0 a.m.•22 views

D-Link DIR601 2.02 - Credential Disclosure

D-Link DIR601 2.02 - Credential Disclosure Exploit title: D-Link DIR601 2.02NA - Credential disclosure Date: 2018-07-10 Exploit Author: Richard Rogerson Vendor Homepage: http://ca.dlink.com/ Software Link: http://support.dlink.ca/ProductInfo.aspx?m=DIR-601 Version: = 2.02NA Tested on: D-Link DIR6...

7.4AI score

Exploits0

Exploit DB•added 2018/07/10 12:0 a.m.•44 views

D-Link DIR601 2.02 - Credential Disclosure

Exploit title: D-Link DIR601 2.02NA - Credential disclosure Date: 2018-07-10 Exploit Author: Richard Rogerson Vendor Homepage: http://ca.dlink.com/ Software Link: http://support.dlink.ca/ProductInfo.aspx?m=DIR-601 Version: = 2.02NA Tested on: D-Link DIR601 Firmware 2.02NA Contact:...

7.4AI score

Exploits0

CNVD•added 2018/05/08 12:0 a.m.•2 views

Information Disclosure Vulnerability in D-Link DIR-601

D-Link DIR-601 is a wireless router product from AUO D-Link. A security vulnerability exists in the D-Link DIR-601 A1 version 1.02NA, which can be exploited to obtain information by intercepting the parameters passed to the user to change the password without the need for the current password and...

8.1CVSS6.8AI score0.01785EPSS

Exploits2References1

Prion•added 2018/05/04 3:29 a.m.•10 views

Default credentials

D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext...

6.8CVSS8.1AI score0.01785EPSS

Exploits2References3Affected Software1