12 matches found
EUVD-2019-7108
Malware in sbrugna...
D-Link DIR-601 Authentication Bypass Vulnerability
The D-Link DIR-601 B1 is a wireless router from AUO D-Link of Taiwan, China. An authentication bypass vulnerability exists in the D-Link DIR-601 B1 version 2.00NA, which originates from a program that only authenticates on the client side and fails to authenticate on the server side. An attacker...
CVE-2019-16326
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product...
CVE-2019-16327
D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product...
Cross site request forgery (csrf)
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product...
CVE-2019-16327
CVE-2019-16327 affects the D-Link DIR-601 B1 router (version 2.00NA). The vulnerability is an authentication bypass where the device does not enforce authentication on the server side, relying on client-side validation, which is bypassable. It is documented alongside a related CSRF issue (CVE-201...
CVE-2019-16327
D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product...
CVE-2019-16326
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product...
D-Link DIR-601 B1 CVE-2019-16326 Cross Site Request Forgery Vulnerability
Description D-Link DIR-601 B1 is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. D-Link DIR-601 B1 2.00NA is vulnerable; other versions may...
CVE-2018-5708
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response specifically, the configuration file restoredefault, which is...
Default credentials
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response specifically, the configuration file restoredefault, which is...
CVE-2018-5708
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response specifically, the configuration file restoredefault, which is...