Cross-Site Request Forgery Vulnerabilities in D-Link DAP-1360 Router
CVE-2014-10027

Currently unrated

Key Information:

Vendor: D-Link
Status: Dap-1360 Firmware
Vendor: CVE Published:; 13 January 2015

Summary

The D-Link DAP-1360 router contains multiple CSRF vulnerabilities that allow unauthorized remote attackers to hijack user authentication. These flaws can be exploited through crafted requests to index.cgi, enabling attackers to manipulate MAC filter settings, including changing restrict modes and altering the MAC address list. Users are encouraged to update their firmware to mitigate these vulnerabilities.

References

http://websecurity.com.ua/7215/

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Nov/100

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 13, 2015