ID
VAR-E-201403-0008
TITLE
D-Link DIR-600L '/goform/formSetPassword' Cross Site Request Forgery Vulnerability
Trust: 0.3
sources:
BID: 66373
DESCRIPTION
D-Link DIR-600L is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
D-Link DIR-600L 5.10 is vulnerable; other versions may also be affected.
Trust: 0.3
sources:
BID: 66373
AFFECTED PRODUCTS
vendor: | dlink | model: | dir-600l | scope: | eq | version: | 5.10 | Trust: 0.3 |
sources:
BID: 66373
EXPLOIT
To exploit this issue, an attacker must entice an unsuspecting victim to follow a malicious URI or visit a malicious website.
Trust: 0.3
sources:
BID: 66373
PRICE
Free
Trust: 0.3
sources:
BID: 66373
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 66373
CREDITS
Dhruv Shah
Trust: 0.3
sources:
BID: 66373
EXTERNAL IDS
db: | BID | id: | 66373 | Trust: 0.3 |
sources:
BID: 66373
REFERENCES
url: | http://www.dlink.com/us/en/home-solutions/connect/routers/dir-600l-wireless-n-150-home-cloud-router | Trust: 0.3 |
sources:
BID: 66373
SOURCES
db: | BID | id: | 66373 |
LAST UPDATE DATE
2022-07-27T09:58:47.621000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 66373 | date: | 2014-03-20T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 66373 | date: | 2014-03-20T00:00:00 |