Details of VAR-190001-1072

ID

VAR-190001-1072

TITLE

D-Link DAP-1150 Cross-Site Request Forgery Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2012-0581 // CNNVD: CNNVD-201202-242

DESCRIPTION

The D-Link DAP-1150 is a wireless access device. D-Link DAP-1150 has a cross-site request forgery vulnerability that allows an attacker to build a malicious link, entice a logged-in user to resolve, and perform various administrative operations in the target user context. D-Link DAP-1150 is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected device. Other attacks are also possible. D-Link DAP-1150 firmware version 1.2.94 is vulnerable; other versions may also be affected

Trust: 0.81

sources: CNVD: CNVD-2012-0581 // BID: 51985

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-0581

AFFECTED PRODUCTS

vendor:

d link

model:

dap-1150

scope:

version:

1.2.94

Trust: 0.9

sources: CNVD: CNVD-2012-0581 // BID: 51985

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-242

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201202-242

EXTERNAL IDS

db:	BID	id:	51985	Trust: 1.5
db:	CNVD	id:	CNVD-2012-0581	Trust: 0.6
db:	CNNVD	id:	CNNVD-201202-242	Trust: 0.6

sources: CNVD: CNVD-2012-0581 // BID: 51985 // CNNVD: CNNVD-201202-242

REFERENCES

url:	http://websecurity.com.ua/5561/http	Trust: 0.6
url:	http://www.securityfocus.com/bid/51985	Trust: 0.6
url:	http://websecurity.com.ua/5561/	Trust: 0.3
url:	http://www.dlink.com/	Trust: 0.3
url:	http://websecurity.com.ua/5567/	Trust: 0.3

sources: CNVD: CNVD-2012-0581 // BID: 51985 // CNNVD: CNNVD-201202-242

CREDITS

MustLive

Trust: 0.9

sources: BID: 51985 // CNNVD: CNNVD-201202-242

SOURCES

db:	CNVD	id:	CNVD-2012-0581
db:	BID	id:	51985
db:	CNNVD	id:	CNNVD-201202-242

LAST UPDATE DATE

2022-05-17T01:40:45.274000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-0581	date:	2012-02-15T00:00:00
db:	BID	id:	51985	date:	2013-03-11T07:24:00
db:	CNNVD	id:	CNNVD-201202-242	date:	2012-02-16T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2012-0581	date:	2012-02-15T00:00:00
db:	BID	id:	51985	date:	2012-02-13T00:00:00
db:	CNNVD	id:	CNNVD-201202-242	date:	1900-01-01T00:00:00