CVE-2024-36755

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack...

The vulnerability of D-Link DIR-1950 Wi-Fi routers’ microprogramming software is related to errors in the authentication process for certificates. This allows attackers to execute a “Man-in-the-Middle” attack.

The vulnerability of D-Link DIR-1950 Wi-Fi routers’ microprogramming software is related to errors in the certificate validation process when downloading updates. Exploiting this vulnerability allows a remote attacker to execute a “Man-in-the-Middle” attack...

CVE-2024-36755

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack...

CVE-2024-36755

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack...

PT-2024-4653 · D Link · D-Link Dir-1950

Name of the Vulnerable Software and Affected Versions: D-Link DIR-1950 versions up to v1.11B03 Description: The issue is related to the failure to validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to perform a man-in-the-middle...