Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-10025


Vulnerability Score 6.8 6.8
CVE Id CVE-2014-10025
Last Modified 13 Jan 2015 07:31:14
Published 13 Jan 2015 06:59:32
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point, (5) SSID, (6) Country, (7) Channel, (8) Wireless mode, or (9) Max Associated Clients setting via a crafted request to index.cgi.

Vulnerable Systems


  • D-link Dap-1360 Firmware 2.5.4



FULLDISC - 20141109 IL and CSRF vulnerabilities in D-Link DAP-1360

Last Updated: 27 May 2016 11:07:31