CVE-2014-100005

unknown KEV

Published 2024-05-16 · Modified 2024-05-16

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

CISA KEV

Vendor: D-Link
Product: DIR-600 Router
Due date: 2024-06-06

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://legacy.us.dlink.com/pages/product.aspx?id=4587b63118524aec911191cc81605283; https://nvd.nist.gov/vuln/detail/CVE-2014-100005

Exploits

References

https://legacy.us.dlink.com/pages/product.aspx?id=4587b63118524aec911191cc81605283; https://nvd.nist.gov/vuln/detail/CVE-2014-100005

Verify integrity in audit chain (admin only). AS-IS.