Vulnerabilities > Dlink > DWR 2000M Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-28730 Cross-site Scripting vulnerability in Dlink Dwr-2000M Firmware 1.34Me
Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the file upload feature of the VPN configuration module.
network
low complexity
dlink CWE-79
5.4
5.4
2024-11-12 CVE-2024-28731 Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dwr-2000M Firmware 1.34Me
Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the Port forwarding option.
network
low complexity
dlink CWE-352
4.3
4.3