cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-9277,https://securityvulnerability.io/vulnerability/CVE-2020-9277,,"An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.",D-Link,Dsl-2640b Firmware,9.8,CRITICAL,0.006180000025779009,false,false,false,false,,false,false,2020-04-20T23:15:00.000Z,0
CVE-2020-9275,https://securityvulnerability.io/vulnerability/CVE-2020-9275,,"An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials.",D-Link,Dsl-2640b Firmware,9.8,CRITICAL,0.00761000020429492,false,false,false,false,,false,false,2020-04-20T23:15:00.000Z,0
CVE-2020-9276,https://securityvulnerability.io/vulnerability/CVE-2020-9276,,"An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stack-based buffer overflow. Unauthenticated exploitation is possible by combining this vulnerability with CVE-2020-9277.",D-Link,Dsl-2640b Firmware,8.8,HIGH,0.006479999981820583,false,false,false,false,,false,false,2020-04-20T23:15:00.000Z,0
CVE-2020-9278,https://securityvulnerability.io/vulnerability/CVE-2020-9278,,An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.,D-Link,Dsl-2640b Firmware,9.1,CRITICAL,0.0027000000700354576,false,false,false,false,,false,false,2020-04-20T23:15:00.000Z,0
CVE-2020-9279,https://securityvulnerability.io/vulnerability/CVE-2020-9279,,An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take full control of the device.,D-Link,Dsl-2640b Firmware,9.8,CRITICAL,0.005239999853074551,false,false,false,false,,false,false,2020-04-20T23:15:00.000Z,0
CVE-2020-9544,https://securityvulnerability.io/vulnerability/CVE-2020-9544,,An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice.,D-link,Dsl-2640b Firmware,7.5,HIGH,0.0013099999632686377,false,false,false,false,,false,false,2020-03-05T14:57:01.000Z,0
CVE-2012-1308,https://securityvulnerability.io/vulnerability/CVE-2012-1308,,Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.,D-Link,"Dsl-2640b Firmware,Dsl-2640b",,,0.16354000568389893,false,false,false,false,,false,false,2012-10-08T18:00:00.000Z,0