CVE-2013-3095

Currently unrated

Key Information:

Vendor: D-Link
Status: Dir865l Firmware; Dir865l
Vendor: CVE Published:; 20 November 2013

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi.

References

http://securityadvisories.dlink.com/security/publication....

x_refsource_CONFIRM

http://secunia.com/advisories/53064

third-party-advisoryx_refsource_SECUNIA

http://securityevaluators.com/content/case-studies/router...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 20, 2013