Skip to main content
CVE-2014-7858 CRITICAL Act Now

The check_login function in D-Link DNR-326 before 2.10 build 03 allows remote attackers to bypass authentication and log in by setting the username cookie parameter to an arbitrary string. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

D-Link Authentication Bypass Dnr 326 Firmware
NVD
CVSS 3.0
9.8
EPSS
14.0%
CVE-2014-7857 CRITICAL Act Now

D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.0% and no vendor patch available.

D-Link Authentication Bypass Dns 322L Firmware Dns 325 Firmware Dns 345 Firmware +4
NVD
CVSS 3.0
9.8
EPSS
12.0%
CVE-2014-7859 CRITICAL Act Now

Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.7% and no vendor patch available.

Buffer Overflow RCE D-Link Dns 322L Firmware Dns 320Lw Firmware +3
NVD
CVSS 3.0
9.8
EPSS
11.7%
CVE-2017-12707 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Scada Microbrowser
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-12816 CRITICAL Act Now

In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Internet Security
NVD
CVSS 3.1
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy