ID

VAR-E-201403-0008


TITLE

D-Link DIR-600L '/goform/formSetPassword' Cross Site Request Forgery Vulnerability

Trust: 0.3

sources: BID: 66373

DESCRIPTION

D-Link DIR-600L is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
D-Link DIR-600L 5.10 is vulnerable; other versions may also be affected.

Trust: 0.3

sources: BID: 66373

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-600lscope:eqversion:5.10

Trust: 0.3

sources: BID: 66373

EXPLOIT

To exploit this issue, an attacker must entice an unsuspecting victim to follow a malicious URI or visit a malicious website.

Trust: 0.3

sources: BID: 66373

PRICE

Free

Trust: 0.3

sources: BID: 66373

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 66373

CREDITS

Dhruv Shah

Trust: 0.3

sources: BID: 66373

EXTERNAL IDS

db:BIDid:66373

Trust: 0.3

sources: BID: 66373

REFERENCES

url:http://www.dlink.com/us/en/home-solutions/connect/routers/dir-600l-wireless-n-150-home-cloud-router

Trust: 0.3

sources: BID: 66373

SOURCES

db:BIDid:66373

LAST UPDATE DATE

2022-07-27T09:58:47.621000+00:00


SOURCES UPDATE DATE

db:BIDid:66373date:2014-03-20T00:00:00

SOURCES RELEASE DATE

db:BIDid:66373date:2014-03-20T00:00:00