CVE-2014-3136

HIGH

Dlink Dwr-113 Firmware < 2.03b02 - CSRF

Title source: rule
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors.

Exploits (1)

exploitdb WORKING POC
by Blessen Thomas · textdoshardware
https://www.exploit-db.com/exploits/34203

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
https://www.securityfocus.com/bid/68967
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/cve/CVE-2014-3136
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95022

Scores

CVSS v3 8.8
EPSS 0.0080
EPSS Percentile 74.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
dlink/dwr-113_firmware < 2.03b02
Published Dec 27, 2019
Tracked Since Feb 18, 2026