2 matches found
CVE-2022-36785
D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. The window.location.href = http://192.168.1.1/setupWizard.asp" http://192.168.1.1/setupWizard.asp" ; "admin" – contains defaul...
CVE-2022-36785
CVE-2022-36785 affects D-Link G Integrated Access Device4. Public sources describe an information-disclosure and authorization-bypass vulnerability where the web interface does not properly validate client-side identity variables, allowing access to admin credentials via the setupWizard.asp URL a...