VYPR

Dap 1360 Firmware

by Dlink

CVEs (7)

  • CVE-2021-44127Mar 27, 2022
    risk 0.01cvss epss 0.03

    In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized.

  • CVE-2022-29328May 10, 2022
    risk 0.00cvss epss 0.13

    D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade.

  • CVE-2022-29329May 10, 2022
    risk 0.00cvss epss 0.13

    D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings.

  • CVE-2014-10028Jan 13, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi when res_config_id is set to 41.

  • CVE-2014-10027Jan 13, 2015
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the…

  • CVE-2014-10026Jan 13, 2015
    risk 0.00cvss epss 0.02

    index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin.

  • CVE-2014-10025Jan 13, 2015
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point,…