D-link - Dns-320l CVE

Filtered by vendor D-link Subscribe

Filtered by product Dns-320l

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-7860	1 D-link	4 Dns-320l, Dns-320l Firmware, Dns-327l and 1 more	2018-10-09	5.0 MEDIUM	5.3 MEDIUM
The web/web_file/fb_publish.php script in D-Link DNS-320L before 1.04b12 and DNS-327L before 1.03b04 Build0119 does not authenticate requests, which allows remote attackers to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album_id and access_token.

Vulnerabilities (CVE)