CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jun 6, 2024

CVE-2014-100005

High

EPSS 40.8%CISA KEV

D-Link/DIR-600 Router

Description

D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session.

EPSS — Exploit Probability

40.8%

Higher than 97.3% of all CVEs

Required Action

https://legacy.us.dlink.com/pages/product.aspx?id=4587b63118524aec911191cc81605283; https://nvd.nist.gov/vuln/detail/CVE-2014-100005

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 40.8%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

May 16, 2024

Added to KEV

May 16, 2024

Remediation Due

Jun 6, 2024

Affected Product

D-Link

DIR-600 Router

View all D-Link CVEs

External Links

NVD (NIST)CVE Details MITRE CVE