CVE-2014-10026

CWE-200 — Information Exposure3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.3%

top 44.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Dap-1360 Firmware

Timeline

PublishedJan 13

Latest updateMay 17

Description

index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDdlink/dap-1360_firmware2.5.4

🔴Vulnerability Details

GHSA

GHSA-rgmw-wjj6-7w2g: index↗2022-05-17

▶

CVEList

CVE-2014-10026: index↗2015-01-13

▶