Vulnerabilities > D Link > DIR 600M Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-07-20 CVE-2017-10676 Cross-site Scripting vulnerability in D-Link Dir-600M Firmware Fw3.05B01
On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.
network
low complexity
d-link CWE-79
6.1
6.1
2017-03-22 CVE-2017-5874 Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-600M Firmware
CSRF exists on D-Link DIR-600M Rev.
network
low complexity
d-link CWE-352
8.8
8.8