Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-17440 7.5
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker c
23-11-2018 - 18:50 08-10-2018 - 16:29
CVE-2018-17442 6.5
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code.
23-11-2018 - 15:02 08-10-2018 - 16:29
CVE-2018-17443 4.3
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS.
23-11-2018 - 14:56 08-10-2018 - 16:29
CVE-2018-17441 4.3
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
21-11-2018 - 22:05 08-10-2018 - 16:29
Back to Top Mark selected
Back to Top