Published: 20/11/2013 Updated: 29/04/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote malicious users to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to wlmacflt.cmd, (2) enable or disable firewall protections via a request to scdmz.cmd, or (3) enable or disable remote management via a save action to scsrvcntr.cmd.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dlink dsl-2740b_firmware 1.00
dlink dsl-2740b -

+--------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : D-Link DSL-2740B (ADSL Router) CSRF Vulnerability # Date : 09-08-2013 # Author : Ivano Binetti (ivanobinetticom) # Vendor site : wwwd-linkcom # Version ...

D-Link DSL-2740B ADSL routers suffer from a cross site request forgery vulnerability ...

CWE-352 http://packetstormsecurity.com/files/123200/D-Link-DSL-2740B-Cross-Site-Request-Forgery.html http://www.webapp-security.com/2013/09/d-link-dsl-2740b-multiple-csrf-vulnerabilities http://www.webapp-security.com/wp-content/uploads/2013/09/D-Link-DSL-2740B-Multiple-CSRF-Vulnerabilities1.txt http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10004 https://nvd.nist.gov https://www.exploit-db.com/exploits/28239/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5730

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect