Research Article
RW-Fuzzer: A Fuzzing Method for Vulnerability Mining on Router Web Interface
Table 1
Common router Web vulnerabilities.
| | Device name | CWE (list of common defects) | Describe |
| | D-Link/DIR-300 | CWE-352 | Cross-site request forgery | | Netgear | CWE-601 | URL redirects to untrusted site | | D-Link DIR-600/300 | CWE-200 | Information leakage | | D-Link 850L | CWE-319 | Sensitive information transmitted in clear text | | D-Link/DIR8xx | CWE-295 | Improper certificate validation | | Billion 7700NR4 | CWE-798 | Use hardcoded certificates | | Link 850L | CWE-798 | Use hardcoded certificates | | TOTOLINK | CWE-20 | Improper certificate validation | | TP-Link | CWE-284 | Improper access control |
|
|
