NuytsTech Security

CVE-2014-3872

by ·

Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

Date published : 2014-05-27

http://www.securityfocus.com/bid/67310

http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10023

Tags: