DSL-504T.txt

Device: CUSTOMER=DLinkEU MODEL=DSL-504T Version: only tested with VERSION=V1.00B01T16.EU.20040217 Bugs: i remote firmware upgrade without password ii config retrieval without password Exploitation: remote Date: 26/05/2005 Status: vendor not contacted Workaround: disable remote web management...

CVE-2005-1827

The CVE-2005-1827 issue affects the D-Link DSL-504T, where an unauthenticated remote attacker can bypass authentication by sending a direct request to the firmwarecfg endpoint. This allows privilege escalation to perform actions such as upgrading firmware, restarting the router, or restoring a sa...

CVE-2005-1828

CVE-2005-1828 affects D-Link DSL-504T. The root cause is that usernames and passwords are stored in cleartext in the router configuration file, enabling remote retrieval of sensitive data without authentication. Public documents confirm the affected device and exposure, but do not provide an offi...

CVE-2005-1828

D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information...

CVE-2005-1827

D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg...

PT-2005-2795 · D Link · D-Link Dsl-504T

Name of the Vulnerable Software and Affected Versions: D-Link DSL-504T affected versions not specified Description: The issue allows remote attackers to obtain sensitive information because usernames and passwords are stored in cleartext in the router configuration file. Recommendations: At the...