CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-10025

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point, (5) SSID, (6) Country, (7) Channel, (8) Wireless mode, or (9) Max Associated Clients setting via a crafted request to index.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://seclists.org/fulldisclosure/2014/Nov/19
http://websecurity.com.ua/7179/
http://seclists.org/fulldisclosure/2014/Nov/19
http://websecurity.com.ua/7179/

Products affected by CVE-2014-10025

Dlink » Dap-1360 » Version: N/A

cpe:2.3:h:dlink:dap-1360:-
Dlink » Dap-1360 Firmware » Version: N/A

cpe:2.3:o:dlink:dap-1360_firmware:-
Dlink » Dap-1360 Firmware » Version: 2.5.4

cpe:2.3:o:dlink:dap-1360_firmware:2.5.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-10025

Products

Pricing

Contact Us