Computer Security
[EN] securityvulns.ru no-pyccku


D-Link routers multiple security vulnerabilities
updated since 10.07.2013
Published:09.12.2013
Source:
SecurityVulns ID:13163
Type:remote
Threat Level:
5/10
Description:Shell characters injection, authentication bypass.
Affected:DLINK : D-Link DIR-300
 DLINK : D-Link DIR-600
 DLINK : D-Link DIR-601
 DLINK : D-Link DIR-645
 DLINK : D-Link DIR-845
 DLINK : D-Link DIR-865
 DLINK : D-Link DIR-505L
 DLINK : D-Link DIR-826L
 DLINK : D-Link DIR-850L
 DLINK : D-Link DIR-860L
 DLINK : D-Link DIR-632
CVE:CVE-2013-4772 (D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active.)
Original documentdocumentScripT setInterval(function(){for( ){alert('fixme')} } 10) /scRIpt, D-Link DIR-XXX remote root access exploit. (09.12.2013)
 documentkyle Lovett, Re: OS-Command Injection via UPnP Interface in multiple D-Link devices (10.07.2013)
 documentdoylej.ia_(at)_gmail.com, Authentication bypass in D-Link devices (session cookies not validated) (10.07.2013)
 documentdoylej.ia_(at)_gmail.com, Authentication bypass in D-Link routers (10.07.2013)
 documentdevnull_(at)_s3cur1ty.de, OS-Command Injection via UPnP Interface in multiple D-Link devices (10.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod