CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-15516

MEDIUM
5.8
CVSS Severity Score
EPSS Score0.0210%
EPSS Percentile29.10th
Published2019年1月31日
Last Modified2024年11月21日

Vulnerability Description

The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.

Affected Platforms (CPE)

📦
Dlink

Central Wifimanager

= 1.03

References & Advisories

🔗 http://packetstormsecurity.com/files/150242/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-Man-In-The-Middle.html
🔗 http://seclists.org/fulldisclosure/2018/Nov/27
🔗 https://vimeo.com/299797225
🔗 http://packetstormsecurity.com/files/150242/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-Man-In-The-Middle.html
🔗 http://seclists.org/fulldisclosure/2018/Nov/27
🔗 https://vimeo.com/299797225

相关漏洞威胁

CVE-2018-155178.6

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP serv...

CVE-2018-155157.8

The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from th...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...