Dlink Dwl-3600Ap Firmware vulnerabilities

7 known vulnerabilities affecting dlink/dwl-3600ap_firmware.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM6

Vulnerabilities

Page 1 of 1
CVE-2019-14335MEDIUMCVSS 5.5v4.2.0.142019-08-08
CVE-2019-14335 [MEDIUM] CVE-2019-14335: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is po An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated denial of service leading to the reboot of the AP via the admin.cgi?action=%s URI.
nvd
CVE-2019-14332HIGHCVSS 7.8v4.2.0.142019-08-01
CVE-2019-14332 [HIGH] CWE-326 CVE-2019-14332: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is us An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1.
nvd
CVE-2019-14337MEDIUMCVSS 5.5v4.2.0.142019-08-01
CVE-2019-14337 [MEDIUM] CWE-78 CVE-2019-14337: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence.
nvd
CVE-2019-14334MEDIUMCVSS 5.5v4.2.0.142019-08-01
CVE-2019-14334 [MEDIUM] CWE-295 CVE-2019-14334: An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.
nvd
CVE-2019-14336MEDIUMCVSS 5.5v4.2.0.142019-08-01
CVE-2019-14336 [MEDIUM] CVE-2019-14336: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is po An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request.
nvd
CVE-2019-14338MEDIUMCVSS 6.1v4.2.0.142019-08-01
CVE-2019-14338 [MEDIUM] CWE-79 CVE-2019-14338: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface.
nvd
CVE-2019-14333MEDIUMCVSS 5.5v4.2.0.142019-08-01
CVE-2019-14333 [MEDIUM] CVE-2019-14333: An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a pre-authenticated denial of service attack against the access point via a long action parameter to admin.cgi.
nvd