Dap-1360 Firmware Security Vulnerabilities and Issues — Dap-1360 Firmware CVE List

Lucene search

DlinkDap-1360 Firmware

16 matches found

CVE•added 2024/01/19 4:15 p.m.•120 views

CVE-2024-0717

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-...

5.3CVSS5.3AI score0.19519EPSS

CVE•added 2024/05/03 2:15 a.m.•63 views

CVE-2023-32143

D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The spec...

8.8CVSS9.1AI score0.00703EPSS

CVE•added 2024/05/03 2:15 a.m.•62 views

CVE-2023-32138

D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific fla...

8.8CVSS8.2AI score0.00534EPSS

CVE•added 2024/05/03 2:15 a.m.•61 views

CVE-2023-32146

D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS9.1AI score0.00336EPSS

CVE•added 2024/05/03 2:15 a.m.•57 views

CVE-2023-32140

D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. Th...

7.5CVSS8.2AI score0.00779EPSS

CVE•added 2024/05/03 2:15 a.m.•57 views

CVE-2023-32141

D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability....

8.8CVSS9.1AI score0.00355EPSS

CVE•added 2024/05/03 2:15 a.m.•52 views

CVE-2023-32137

D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability...

6.5CVSS4.4AI score0.00158EPSS

CVE•added 2024/05/03 2:15 a.m.•50 views

CVE-2023-32144

D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerabili...

8.8CVSS9.1AI score0.00534EPSS

CVE•added 2024/05/03 2:15 a.m.•48 views

CVE-2023-32139

D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific fl...

8.8CVSS9.1AI score0.00534EPSS

CVE•added 2024/05/03 2:15 a.m.•47 views

CVE-2023-32136

D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The sp...

8.8CVSS9.1AI score0.00653EPSS

CVE•added 2024/05/03 2:15 a.m.•45 views

CVE-2023-32145

D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

8.8CVSS8.9AI score0.00142EPSS

CVE•added 2024/05/03 2:15 a.m.•43 views

CVE-2023-32142

D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The sp...

8.8CVSS9.1AI score0.00355EPSS

CVE•added 2015/01/13 11:59 a.m.•40 views

CVE-2014-10026

index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin.

5CVSS6.8AI score0.00328EPSS

CVE•added 2015/01/13 11:59 a.m.•39 views

CVE-2014-10027

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the filter, or (3) remove...

6.8CVSS7.5AI score0.00442EPSS

CVE•added 2015/01/13 11:59 a.m.•33 views

CVE-2014-10025

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point, (5) SSID, (6) Countr...

6.8CVSS7.5AI score0.00442EPSS

CVE•added 2015/01/13 11:59 a.m.•31 views

CVE-2014-10028

Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi when res_config_id is set to 41.

4.3CVSS6AI score0.00481EPSS