First published: Fri Dec 15 2017(Updated: )
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some administrator-only pages such as tools_admin.asp without credentials.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
D-Link DIR-130 firmware | =1.23 | |
Dlink Dir-130 | ||
D-link Dir-330 Firmware | =1.12 | |
Dlink Dir-330 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.