CVE-2014-3872 in DAP-1350info

Summary

Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/27/2014

Disclosure

05/27/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
69829D-Link DAP-1350 Administration sql injection89Not definedNot definedCVE-2014-3872
13186D-Link DAP-1350 Web sql injection89Proof-of-ConceptUnavailableCVE-2014-3872

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!