Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-18009

Published: 21/12/2018 Updated: 23/04/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Dlink

Vulnerability Summary

dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated malicious users to discover admin credentials.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dlink dir-140l_firmware 1.02

dlink dir-640l_firmware 1.01ru

Exploits

Exploit DB: D-Link DIR-140L / DIR-640L Credential Disclosure
D-Link DIR-140L and DIR-640L suffer from an administrative credential disclosure vulnerability ...

Mailing Lists

Full Disclosure: Re: [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: [CVE-2018-18009] dirary0js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discove ...
Full Disclosure: [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> [CVE-2018-18009] dirary0js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover ad ...

References

CWE-798http://seclists.org/fulldisclosure/2018/Dec/46http://www.securityfocus.com/bid/106336https://nvd.nist.govhttps://packetstormsecurity.com/files/150880/D-Link-DIR-140L-DIR-640L-Credential-Disclosure.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook