cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-14335,https://securityvulnerability.io/vulnerability/CVE-2019-14335,Post-authenticated Denial of Service in D-Link Access Points,"D-Link 6600-AP and DWL-3600AP devices are susceptible to a post-authenticated denial of service attack. Exploitation can be achieved through a specifically crafted request sent to the admin.cgi?action=%s URI. Successful exploitation leads to the unintentional reboot of the access points, disrupting service availability for users. This issue was present in firmware version 4.2.0.14 and raised concerns regarding network integrity and reliability, making it essential for users to apply the necessary patches provided by D-Link.",D-Link,6600-ap Firmware,5.5,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2019-08-08T13:05:48.000Z,0
CVE-2019-14338,https://securityvulnerability.io/vulnerability/CVE-2019-14338,XSS Vulnerability in D-Link 6600-AP and DWL-3600AP Devices,"A vulnerability exists in the D-Link 6600-AP and DWL-3600AP devices due to an XSS flaw in the management interface. When an authenticated user accesses the admin.cgi?action= page, they can be subjected to cross-site scripting attacks, allowing attackers to inject malicious scripts. This could lead to unauthorized actions being performed on behalf of the user, such as accessing sensitive data or compromising the device's configuration.",D-Link,6600-ap Firmware,6.1,MEDIUM,0.0033400000538676977,false,,false,false,false,,,false,false,,2019-08-01T12:32:40.000Z,0
CVE-2019-14337,https://securityvulnerability.io/vulnerability/CVE-2019-14337,Command Line Interface Vulnerability in D-Link Devices,"An issue has been identified in D-Link 6600-AP and DWL-3600AP Ax devices, where an attacker can exploit a vulnerability to escape from a restricted command line interface. This is achieved through a crafted command sequence that allows unauthorized access to the system shell. Such misconfigurations can expose devices to various security risks, including unauthorized command execution, potentially compromising the integrity and confidentiality of the device and its network.",D-Link,6600-ap Firmware,5.5,MEDIUM,0.00279999990016222,false,,false,false,false,,,false,false,,2019-08-01T12:31:42.000Z,0
CVE-2019-14336,https://securityvulnerability.io/vulnerability/CVE-2019-14336,Information Disclosure Vulnerability in D-Link Wireless Access Points,"A security flaw in D-Link 6600-AP and DWL-3600AP devices allows post-authenticated users to dump all configuration files by sending an insecure HTTP request to a specific admin CGI endpoint. This issue poses significant risks, as it can expose sensitive settings and operational configurations, potentially enabling attackers to exploit other vulnerabilities or gain unauthorized access.",D-Link,6600-ap Firmware,5.5,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2019-08-01T12:30:38.000Z,0
CVE-2019-14334,https://securityvulnerability.io/vulnerability/CVE-2019-14334,Insecure Certificate and RSA Private Key Extraction in D-Link Devices,"A security vulnerability has been identified in certain D-Link wireless access points, where an insecure HTTP command allows for post-authentication extraction of sensitive data, including SSL certificates and RSA private keys. This issue affects the D-Link 6600-AP, DWL-3600AP, and DWL-8610AP models running firmware version Ax 4.2.0.14 as of March 21, 2019. Exploitation of this flaw could lead to unauthorized access to confidential information, emphasizing the necessity for users to update their devices and apply security patches promptly.",D-Link,6600-ap Firmware,5.5,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2019-08-01T12:27:36.000Z,0
CVE-2019-14333,https://securityvulnerability.io/vulnerability/CVE-2019-14333,Denial of Service Vulnerability in D-Link Access Points,"A vulnerability has been identified in certain D-Link access points that allows for a pre-authenticated denial of service attack. This occurs when an attacker exploits a long action parameter in the admin.cgi interface, leading to potential disruption of service. Devices affected include the D-Link 6600-AP and the DWL-3600AP, specifically versions running Ax 4.2.0.14. Administrators are advised to review security advisories and take preventive measures.",D-Link,6600-ap Firmware,5.5,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2019-08-01T12:26:27.000Z,0
CVE-2019-14332,https://securityvulnerability.io/vulnerability/CVE-2019-14332,Weak Cipher Vulnerability in D-Link Wireless Access Points,"A vulnerability has been identified in specific D-Link wireless access points where weak ciphers, such as diffie-hellman-group1-sha1, are utilized for SSH connections. This issue may expose devices to potential security risks, allowing for unauthorized access and information disclosure. Users are advised to implement immediate security measures, including updating firmware and enhancing cryptographic strength to safeguard their networks.",D-Link,6600-ap Firmware,7.8,HIGH,0.0015399999683722854,false,,false,false,false,,,false,false,,2019-08-01T12:22:40.000Z,0