Authentication flaw

2018-10-0917:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.5%

JSON

An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. One can bypass authentication mechanisms to download the configuration file.

CPENameOperatorVersion
dir-809_a1_firmwarele1.09
dir-809_a2_firmwarele1.11
dir-809_guestzone_firmwarele1.09

Name	Operator	Version
dir-809_a1_firmware	le	1.09
dir-809_a2_firmware	le	1.11
dir-809_guestzone_firmware	le	1.09

References

blog.nivel4.com/investigaciones/nuevas-vulnerabilidades-en-router-d-link-permiten-tomar-control-remoto-del-dispositivo/