Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware prior to 1.05b07 allow remote malicious users to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dlink dir865l_firmware 1.03 |
||
dlink dir865l_firmware 1.00b24 |
||
dlink dir865l_firmware |
||
dlink dir865l_firmware 1.02 |
||
dlink dir865l - |