CVE-2018-18007 added to honeypot watch list.

This vulnerability affects D-Link DSL-2770L routers.

An unauthenticated user can visit the page “atbox.htm” (if exposed to the internet) and obtain the admin account password in clear text.

CVE-2018-18008

This vulnerability affects D-Link DSL-2770L, DIR-140L, DIR-640L, DWR-116, DWR-512, DWR-555, and DWR-921 routers.

An unauthenticated user can visit the page “spaces.htm” and obtain the admin account password in clear text.

CVE-2018-18009

This vulnerability affects D-Link DIR-140L and DIR-640L routers.

An unauthenticated user can access the file “dirary0.js” and obtain the admin account password in clear text.

CVE-2018-16605 Dlink XSS vulnerability POC

LEAVE A REPLY

Please enter your comment!
Please enter your name here