The vulnerability of the HNAP protocol implementation in D-Link Wi-Fi router microprogramming products such as DIR-867-US, DIR-878, and DIR-882-US allows attackers to circumvent security restrictions, gain increased privileges, or execute arbitrary code.
The vulnerability of the HNAP protocol implementation in D-Link Wi-Fi router software models such as DIR-867-US, DIR-878, and DIR-882-US lies in the ability to bypass authentication by using an alternative path or channel when processing HTTP requests that include the string “?GetCAPTCHAsetting”...