14 matches found
D-Link DIR-803 - Authentication Bypass
An authentication bypass vulnerability exists in D-Link DIR-803 routers firmware A1 1.04 and earlier. By manipulating the AUTHORIZEDGROUP parameter in /getcfg.php via newline injection, an attacker can retrieve XML configuration containing administrator credentials without authentication. id:...
VulnCheck KEV: CVE-2025-14528
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
CVE-2025-14528
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
CVE-2025-14528
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
CVE-2025-14528
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
CVE-2025-14528
The CVE-2025-14528 entry concerns the D-Link DIR-803 router (firmware up to 1.04). A vulnerability in the Configuration Handler’s getcfg.php component allows manipulation of the AUTHORIZED_GROUP parameter, leading to information disclosure. This issue is exploitable remotely and affects devices n...
CVE-2025-14528 D-Link DIR-803 Configuration getcfg.php information disclosure
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
CVE-2025-14528 D-Link DIR-803 Configuration getcfg.php information disclosure
A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...
PT-2025-50639
Name of the Vulnerable Software and Affected Versions D-Link DIR-803 versions prior to 1.05 Description A flaw exists in D-Link DIR-803, potentially leading to information disclosure. The issue resides within the Configuration Handler component, specifically in the /getcfg.php file. Manipulation ...
D-Link DIR-803 安全漏洞
The D-Link DIR-803 is a wireless router from China's AUO D-Link. The D-Link DIR-803 suffers from an information disclosure vulnerability that originates from the incorrect operation of the parameter AUTHORIZEDGROUP in the file /getcfg.php of the component Configuration Handler, which can be...
CVE-2020-25786
webinc/js/info.php on D-Link DIR-816L 2.06.B09BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding except in Internet...
CVE-2020-25786
webinc/js/info.php on D-Link DIR-816L 2.06.B09BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding except in Internet...
CVE-2020-25786
CVE-2020-25786 affects D-Link DIR-816L (2.06.B09_BETA) and DIR-803 (1.04.B02). A flaw in webinc/js/info.php allows XSS via the HTTP Referer header . Public notes: affected products are no longer supported by the maintainer; exploitability is typically limited due to URL encoding (except in Intern...
PT-2020-16206 · D Link +1 · D-Link Dir-816L +2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816L version 2.06.B09 BETA D-Link DIR-803 version 1.04.B02 Description: The issue allows for XSS via the HTTP Referer header in the webinc/js/info.php file. This typically is not exploitable due to URL encoding, except in Internet...