
D-Link DIR-850L Rev.A1 < 1.20 / Rev.B1 < 2.20 XSS / Backdoor / Code Execution Vulnerabilities

CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416, CVE-2017-14417, CVE-2017-14418, CVE-2017-14419, CVE-2017-14420, CVE-2017-14421, CVE-2017-14422, CVE-2017-14423, CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-14428, CVE-2017-14429, CVE-2017-14430

Severity
CVSSv3 Score
7.5
Vulnerability description

D-Link DIR-850L devices suffer from cross-site scripting, access bypass, backdoor, bruteforcing, information disclosure, remote code execution, and denial of service vulnerabilities.

Risk description

A remote attacker can execute XSS attacks, obtain the admin password, forge firmware, and execute remote commands.

Recommendation

Upgrade the D-Link DIR-850L firmware to version 1.20 for Rev. A and/or version 2.20 for Rev. B routers. Check the referenced vendor link for more information on how to apply the firmware.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 13, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available