CVE-2018-19300

CVE-2018-19300 affects multiple D-Link devices (DAP-1530/A1 before 1.06b01; DAP-1610/A1 before 1.06b01; DWR-111/A1 before 1.02v02; DWR-116/A1 before 1.06b03; DWR-512/B1 before 2.02b01; DWR-711/A1 up to 1.11; DWR-712/B1 before 2.04b01; DWR-921/A1 before 1.02b01; DWR-921/B1 before 2.03b01). The vul...

D-Link DWR-116 Device < V1.05b09 Directory Traversal Vulnerability - Active Check

D-Link DWR devices are prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:dlink"...

Directory traversal

Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary...

CVE-2018-10824

An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0...

CVE-2018-10822

CVE-2018-10822 describes a directory traversal / local file inclusion in the web interfaces of multiple D-Link routers (DWR-116 up to v1.06, DIR-140L up to v1.02, DIR-640L up to v1.02, DWR-512 up to v2.02, DWR-712 up to v2.02, DWR-912 up to v2.02, DWR-921 up to v2.02, DWR-111 up to v1.01, and rel...

CVE-2018-10823

CVE-2018-10823 affects several D-Link router models (DWR-116 up to 1.06, DWR-512 up to 2.02, DWR-712 up to 2.02, DWR-912 up to 2.02, DWR-921 up to 2.02, DWR-111 up to 1.01). An authenticated attacker can inject shell commands via the chkisg.htm Sip parameter, leading to arbitrary code execution a...

D-Link Router Password Plaintext Storage Vulnerability

The DWR-116, DIR-140, and DIR-640 are all D-Link router products. A password plaintext storage vulnerability exists in several series of D-Link routers, which stems from the administrative password being stored in plaintext in the /tmp/XXX /0 file. An attacker with directory traversal or LFI can...

PT-2018-1746 · D Link · Dwr-116 +7

Name of the Vulnerable Software and Affected Versions: D-Link DWR-116 versions 1.06 and earlier D-Link DIR-140L versions 1.02 and earlier D-Link DIR-640L versions 1.02 and earlier D-Link DWR-512 versions 2.02 and earlier D-Link DWR-712 versions 2.02 and earlier D-Link DWR-912 versions 2.02 and...

PT-2018-1747 · D Link · Dwr-921 +5

Name of the Vulnerable Software and Affected Versions: D-Link DWR-116 versions 1.06 and earlier D-Link DWR-512 versions 2.02 and earlier D-Link DWR-712 versions 2.02 and earlier D-Link DWR-912 versions 2.02 and earlier D-Link DWR-921 versions 2.02 and earlier D-Link DWR-111 versions 1.01 and...

D-Link DWR-116 Arbitrary File Download Vulnerability

The DWR-116 is a wireless N300 multi-WAN router from D-Link. An arbitrary file download vulnerability exists in the web interface of the D-Link DWR-116, which can be exploited by a remote attacker to read an arbitrary file via a "GET /uir/" request.... double dot in the "GET /uir/" request to rea...

Directory traversal

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. dot dot in a "GET /uir/" request...

CVE-2017-6190

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. dot dot in a "GET /uir/" request...

CVE-2017-6190

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. dot dot in a "GET /uir/" request...

CVE-2017-6190

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. dot dot in a "GET /uir/" request...

CVE-2017-6190

CVE-2017-6190 is a directory-traversal flaw in the D-Link DWR-116 web interface (and related DWR/DIR devices) that allows remote attackers to read arbitrary files by requesting a path like GET /uir/.. and similar. The root cause is an incorrect fix for a prior issue, enabling traversal in the web...

D-Link DWR-116 DWR-116A1 - Arbitrary File Download

D-Link DWR-116 DWR-116A1 - Arbitrary File Download Title: D-Link DWR-116 Arbitrary File Download Vendor: D-Link www.dlink.com Affected models: DWR-116 / DWR-116A1 Tested on: V1.01EU, V1.00CPb10, V1.05AU CVE: CVE-2017-6190 Date: 04.07.2016 Author: Patryk Bogdan @patrykbogdan Description: D-Link...

D-Link DWR-116 Directory Traversal

Title: D-Link DWR-116 Arbitrary File Download Vendor: D-Link www.dlink.com Affected models: DWR-116 / DWR-116A1 Tested on: V1.01EU, V1.00CPb10, V1.05AU CVE: CVE-2017-6190 Date: 04.07.2016 Author: Patryk Bogdan @patrykbogdan Description: D-Link DWR-116 with firmware before V1.05b09 suffers from...