Skip to main content

Dir 600 B1 Firmware

2 CVEs product

Monthly

CVE-2019-18852 CRITICAL POC Act Now

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 600 B1 Firmware Dir 615 J1 Firmware Dir 645 A1 Firmware +4
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2017-12943 CRITICAL POC THREAT Emergency

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.8%.

Path Traversal D-Link PHP Dir 600 B1 Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
81.8%
Threat
5.9
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 600 B1 Firmware +6
NVD GitHub
EPSS 82% 5.9 CVSS 9.8
CRITICAL POC THREAT Emergency

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.8%.

Path Traversal D-Link PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy