ID
VAR-201012-0370
TITLE
D-Link DIR-300 \"tools_admin.php\" Cross-Site Request Forgery Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2010-3351
DESCRIPTION
The D-Link DIR-300 is a wireless G broadband router. D-Link DIR-300 has a cross-site scripting forgery vulnerability in its implementation. An attacker could exploit this vulnerability to run an authorization command on an affected device, change the configuration, cause a denial of service, or inject arbitrary script code. Other attacks are also possible. This issue affects D-Link DIR-300 running firmware 1.04
Trust: 0.81
sources:
CNVD: CNVD-2010-3351 //
BID: 45473
IOT TAXONOMY
| category: | ['IoT', 'Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2010-3351
AFFECTED PRODUCTS
| vendor: | d link | model: | dir-300 | scope: | eq | version: | 1.04 | Trust: 0.9 |
sources:
CNVD: CNVD-2010-3351 //
BID: 45473
THREAT TYPE
network
Trust: 0.3
sources:
BID: 45473
TYPE
Design Error
Trust: 0.3
sources:
BID: 45473
EXTERNAL IDS
| db: | BID | id: | 45473 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2010-3351 | Trust: 0.6 |
sources:
CNVD: CNVD-2010-3351 //
BID: 45473
REFERENCES
| url: | http://www.securityfocus.com/bid/45473 | Trust: 0.6 |
| url: | http://www.linksys.com/ | Trust: 0.3 |
sources:
CNVD: CNVD-2010-3351 //
BID: 45473
CREDITS
outlaw.dll
Trust: 0.3
sources:
BID: 45473
SOURCES
| db: | CNVD | id: | CNVD-2010-3351 |
| db: | BID | id: | 45473 |
LAST UPDATE DATE
2022-05-17T01:45:41.942000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-3351 | date: | 2010-12-23T00:00:00 |
| db: | BID | id: | 45473 | date: | 2010-12-17T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-3351 | date: | 2010-12-23T00:00:00 |
| db: | BID | id: | 45473 | date: | 2010-12-17T00:00:00 |