Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sandstorm security vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-14332
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
5.5
CVSSv3
CVE-2019-14334
An issue exists on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
Dlink Dwl-8610ap Firmware 4.2.0.14
5.5
CVSSv3
CVE-2019-14336
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
6.1
CVSSv3
CVE-2019-14338
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
5.5
CVSSv3
CVE-2019-14333
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a pre-authenticated denial of service attack against the access point via a long action parameter to admin.cgi.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
5.5
CVSSv3
CVE-2019-14335
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated denial of service leading to the reboot of the AP via the admin.cgi?action=%s URI.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
5.5
CVSSv3
CVE-2019-14337
An issue exists on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence.
Dlink 6600-ap Firmware 4.2.0.14
Dlink Dwl-3600ap Firmware 4.2.0.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started