4 matches found
VulnCheck KEV: CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
D-LINK Central WifiManager CWM-100 Server-Side Request Forgery Vulnerability
D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. The MailConnect feature on the D-Link Central WiFiManager CWM-100 1.03 r0098 device is used to check connections to SMTP servers, but actually allows outbound TCP to any port on any IP address, resulting in SSR...