CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-10027

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the filter, or (3) remove a MAC address from the filter via a crafted request to index.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://seclists.org/fulldisclosure/2014/Nov/100
http://websecurity.com.ua/7215/
http://seclists.org/fulldisclosure/2014/Nov/100
http://websecurity.com.ua/7215/

Products affected by CVE-2014-10027

Dlink » Dap-1360 » Version: N/A

cpe:2.3:h:dlink:dap-1360:-
Dlink » Dap-1360 Firmware » Version: N/A

cpe:2.3:o:dlink:dap-1360_firmware:-
Dlink » Dap-1360 Firmware » Version: 2.5.4

cpe:2.3:o:dlink:dap-1360_firmware:2.5.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-10027

Products

Pricing

Contact Us