Lucene search

Dir-865L Firmware Security Vulnerabilities - 2020

cve

CVE-2019-20213

D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.

7.5CVSS

7.3AI Score

0.002EPSS

2020-01-02 02:16 PM

cve

CVE-2020-13782

D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection.

8.8CVSS

8.7AI Score

0.004EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13783

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.

7.5CVSS

7.6AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13784

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.

7.5CVSS

7.5AI Score

0.007EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13785

D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.

7.5CVSS

7.6AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13786

D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF.

8.8CVSS

8.7AI Score

0.001EPSS

2020-06-03 05:15 PM

cve

CVE-2020-13787

D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information.

7.5CVSS

7.6AI Score

0.002EPSS

2020-06-03 05:15 PM

cve

CVE-2020-25786

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet...

6.1CVSS

6AI Score

0.001EPSS

2020-09-19 08:15 PM