CVE-2014-10026
D-Link DAP-1360 Firmware < 2.5.4 - Unauthenticated Sensitive Information Exposure via client_login Cookie
Title source: llmDescription
index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin.
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Nov/19
Exploit x_refsource_misc
http://websecurity.com.ua/7179/
Scores
EPSS
0.0033
EPSS Percentile
55.8%
Details
CWE
CWE-200
Status
published
Products (1)
dlink/dap-1360_firmware
< 2.5.4
Published
Jan 13, 2015
Tracked Since
Feb 18, 2026