Showing 1 - 1 of 1

CVE-2014-7860

Status Candidate

Overview

The web/web_file/fb_publish.php script in D-Link DNS-320L before 1.04b12 and DNS-327L before 1.03b04 Build0119 does not authenticate requests, which allows remote attackers to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album_id and access_token.

Related Files

D-Link Bypass / Buffer Overflow: Posted May 28, 2015; Authored by Gergely Eberhardt; SEARCH-LAB performed an independent security assessment on four different D-Link devices. The assessment has identified altogether 53 unique vulnerabilities in the latest firmware (dated 30-07-2014). Several vulnerabilities can be abused by a remote attacker to execute arbitrary code and gain full control over the devices.; tags | advisory, remote, overflow, arbitrary, vulnerability, bypass; advisories | CVE-2014-7857, CVE-2014-7858, CVE-2014-7859, CVE-2014-7860; SHA-256 | 1171f7b6ef3b9988b436da7e93b267aab8de442398c22cf0acfa717cbfa2ab37; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 250 files
indoushka 184 files
Ubuntu 99 files
Gentoo 32 files
Debian 18 files
malvuln 13 files
Frederik Beimgraben 11 files
Chris Beiter 11 files
Matthias Deeg 11 files
Apple 10 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,132)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,415)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,896)
UNIX (9,464)
UnixWare (188)
Windows (6,782)
Other

CVE-2014-7860

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems