Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46353 | 1 Dlink | 2 Dir-x1860, Dir-x1860 Firmware | 2022-03-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. | |||||
| CVE-2021-41445 | 1 Dlink | 2 Dir-x1860, Dir-x1860 Firmware | 2022-02-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim. | |||||
| CVE-2021-41441 | 1 Dlink | 2 Dir-x1860, Dir-x1860 Firmware | 2022-02-17 | 7.1 HIGH | 7.4 HIGH |
| A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. The authenticated victim need to visit this URL, for the router to reboot. | |||||
| CVE-2021-41442 | 1 Dlink | 2 Dir-x1860, Dir-x1860 Firmware | 2022-02-15 | 5.0 MEDIUM | 7.5 HIGH |
| An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | |||||