First published: Fri May 20 2005(Updated: )
D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
D-Link DSL-504T | ||
D-link Dsl-562t | ||
D-Link DSL-G604T | ||
D-Link DSL-502T |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.