Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.DLINK_DVIEW8_STATIC_JWT_KEY.NBIN
HistoryOct 20, 2023 - 12:00 a.m.

D-Link D-View 8 Hard-coded JWT Key (CVE-2023-5074)

2023-10-2000:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
d-link d-view 8
hard-coded
jwt key
cve-2023-5074
binary data
scanner
JSON

The D-Link D-View 8 web server running on the remote host uses a hard-coded key to protect a JWT token. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass authentication to perform otherwise restricted operations.

Binary data dlink_dview8_static_jwt_key.nbin
VendorProductVersionCPE
dlinkdview8x-cpe:/a:dlink:dview8

Related

nuclei 1
githubexploit 1
prion 1
cve 1
nuclei
nuclei
D-Link D-View 8 v2.0.1.28 - Authentication Bypass
2023-09-26 14:35:39
githubexploit
githubexploit
Exploit for Use of Hard-coded Credentials in Dlink D-View 8
2023-09-30 00:07:52
prion
prion
Authentication flaw
2023-09-20 16:15:00
cve
cve
CVE-2023-5074
2023-09-20 16:15:12
JSON
Related for DLINK_DVIEW8_STATIC_JWT_KEY.NBIN
nuclei1githubexploit1prion1cve1