D-Link Dir-600M Firmware vulnerabilities
2 known vulnerabilities affecting d-link/dir-600m_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-5874P3HIGHCVSS 8.8PoC≤ 1.0.12017-03-22
CVE-2017-5874 [HIGH] CWE-352 CVE-2017-5874: CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to
CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact.
nvd
CVE-2017-10676P4MEDIUMCVSS 6.1vfw3.05b012017-07-20
CVE-2017-10676 [MEDIUM] CWE-79 CVE-2017-10676: On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.
On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.
nvd