Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.
2014-05-27T13:55:07.207
2025-04-12T10:46:40.837
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | dlink | dap-1350_firmware | ≤ 1.14 | Yes |
Operating System | dlink | dap-1350_firmware | 1.10 | Yes |
Hardware | dlink | dap-1350 | rev._a1 | Yes |