D Link Central Wifimanager
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D Link Central Wifimanager.
By the Year
In 2026 there have been 0 vulnerabilities in D Link Central Wifimanager. Central Wifimanager did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 0.00 |
| 2018 | 4 | 7.70 |
It may take a day or so for new Central Wifimanager vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D Link Central Wifimanager Security Vulnerabilities
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices
CVE-2018-15516
- January 31, 2019
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually
CVE-2018-15517
- January 31, 2019
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI.
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1
CVE-2018-17440
9.8 - Critical
- October 08, 2018
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request.
Unrestricted File Upload
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1
CVE-2018-17441
6.1 - Medium
- October 08, 2018
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
XSS
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1
CVE-2018-17442
8.8 - High
- October 08, 2018
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code.
Unrestricted File Upload
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1
CVE-2018-17443
6.1 - Medium
- October 08, 2018
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D Link Central Wifimanager or by D Link? Click the Watch button to subscribe.
