Dlink Dir-X1860 Firmware vulnerabilities

5 known vulnerabilities affecting dlink/dir-x1860_firmware.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-0717MEDIUMCVSS 5.3≤ 2024-01-122024-01-19
CVE-2024-0717 [MEDIUM] CWE-200 CVE-2024-0717: A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DI A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530,
nvd
CVE-2021-46353MEDIUMCVSS 5.3≤ 1.032022-03-04
CVE-2021-46353 [MEDIUM] CWE-209 CVE-2021-46353: An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote una An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application.
nvd
CVE-2021-41445MEDIUMCVSS 6.1≤ 1.032022-02-10
CVE-2021-41445 [MEDIUM] CWE-79 CVE-2021-41445: A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Bet A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim.
nvd
CVE-2021-41442HIGHCVSS 7.5≤ 1.032022-02-09
CVE-2021-41442 [HIGH] CWE-444 CVE-2021-41442: An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.
nvd
CVE-2021-41441HIGHCVSS 7.4≤ 1.032022-02-09
CVE-2021-41441 [HIGH] CWE-404 CVE-2021-41441: A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unaut A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. The authenticated victim need to visit this URL, for the router to reboot.
nvd