Research Article
RW-Fuzzer: A Fuzzing Method for Vulnerability Mining on Router Web Interface
Table 1
Common router Web vulnerabilities.
| Device name | CWE (list of common defects) | Describe |
| D-Link/DIR-300 | CWE-352 | Cross-site request forgery | Netgear | CWE-601 | URL redirects to untrusted site | D-Link DIR-600/300 | CWE-200 | Information leakage | D-Link 850L | CWE-319 | Sensitive information transmitted in clear text | D-Link/DIR8xx | CWE-295 | Improper certificate validation | Billion 7700NR4 | CWE-798 | Use hardcoded certificates | Link 850L | CWE-798 | Use hardcoded certificates | TOTOLINK | CWE-20 | Improper certificate validation | TP-Link | CWE-284 | Improper access control |
|
|