| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-17440 | 7.5 |
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker c
|
26-04-2023 - 19:36 | 08-10-2018 - 16:29 | |
| CVE-2018-17442 | 6.5 |
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code.
|
26-04-2023 - 19:36 | 08-10-2018 - 16:29 | |
| CVE-2018-17443 | 4.3 |
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS.
|
26-04-2023 - 19:36 | 08-10-2018 - 16:29 | |
| CVE-2018-17441 | 4.3 |
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
|
26-04-2023 - 19:36 | 08-10-2018 - 16:29 |