Dlink Central Wifimanager — known CVE vulnerabilities
Every CVE whose affected-product data names Dlink Central Wifimanager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2019-13372 — CVSS 9.8 (critical): /web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute…
CVE-2019-13375 — CVSS 9.8 (critical): A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in PayAction.class.php with the…
CVE-2019-13373 — CVSS 9.8 (critical): An issue was discovered in the D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6. Input does not get validated and arbitrary SQL…
CVE-2018-17440 — CVSS 9.8 (critical): An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port…
CVE-2018-17442 — CVSS 8.8 (high): An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the…
CVE-2018-15517 — CVSS 8.6 (high): The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but…
CVE-2018-15515 — CVSS 7.8 (high): The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the…
CVE-2018-17443 — CVSS 6.1 (medium): An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is…
CVE-2018-17441 — CVSS 6.1 (medium): An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is…
CVE-2019-13374 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM(100) before…
CVE-2018-15516 — CVSS 5.8 (medium): The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via…