CVE-2025-14528

A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...

CVE-2025-14528 D-Link DIR-803 Configuration getcfg.php information disclosure

A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZEDGROUP results in information disclosure. The attack may be performed from remote. The exploit is no...

CVE-2025-14528

The CVE-2025-14528 issue affects D-Link DIR-803 routers (firmware up to 1.04, A1 era). A vulnerability in the Configuration Handler’s /getcfg.php allows manipulation of the AUTHORIZED_GROUP parameter via newline injection, resulting in an authentication bypass and exposure of administrator creden...

D-Link DIR-803 安全漏洞

The D-Link DIR-803 is a wireless router from China's AUO D-Link. The D-Link DIR-803 suffers from an information disclosure vulnerability that originates from the incorrect operation of the parameter AUTHORIZEDGROUP in the file /getcfg.php of the component Configuration Handler, which can be...

PT-2025-50639

Name of the Vulnerable Software and Affected Versions D-Link DIR-803 versions prior to 1.05 Description A flaw exists in D-Link DIR-803, potentially leading to information disclosure. The issue resides within the Configuration Handler component, specifically in the /getcfg.php file. Manipulation ...

EUVD-2020-7868

Malware in sbrugna...

EUVD-2022-39455

Malicious code in bioql PyPI...

CVE-2025-10093

A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability is the function phpcgimain of the file /getcfg.php of the component Device Configuration Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The explo...

CVE-2025-10093

CVE-2025-10093 affects the D-Link DIR-852 (up to 1.00CN B09), targeting the Device Configuration Handler, specifically the function phpcgi_main in the file /getcfg.php . The vulnerability allows remote manipulation that leads to information disclosure . The issue is exploitable over the network w...

PT-2025-36463

Name of the Vulnerable Software and Affected Versions: D-Link DIR-852 versions up to 1.00CN B09 Description: A vulnerability exists in D-Link DIR-852 that allows for information disclosure. The vulnerability is located in the phpcgi main function of the /getcfg.php file within the Device...

CVE-2024-33110

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component...

CVE-2022-36755

D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

CVE-2022-28956

An issue in the getcfg.php component of D-Link DIR816LFW206b01 allows attackers to access the device via a crafted payload...

CVE-2018-7034

TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

PT-2025-6734 · D Link · D-Link Dir-859

Name of the Vulnerable Software and Affected Versions: D-Link DIR-859 router versions A3 1.05 and earlier Description: A vulnerability in the D-Link DIR-859 router permits unauthorized individuals to bypass authentication. An attacker can obtain a user name and password by forging a post request ...

D-Link DIR-859 安全漏洞

The D-Link DIR-859 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link DIR-859 v1.05 and earlier versions. An attacker can exploit this vulnerability to obtain a username and password by spoofing a post request to the /getcfg.php page...

D-Link DIR-605 Router Information Disclosure Vulnerability

D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the /getcfg.php page...

The vulnerability in the getcfg.php script of D-Link DIR-845L router microprogramming software allows a hacker to bypass security restrictions and gain increased privileges.

The vulnerability in the getcfg.php script of D-Link DIR-845L router microprogramming software exposes a flaw in access control when processing the $GLOBALS"AUTHORIZEDGROUP" parameter. Exploiting this vulnerability allows an attacker to bypass security restrictions and enhance their privileges...

The vulnerability in the getcfg.php script of D-Link DIR-845L router microprogramming software allows a hacker to gain unauthorized access to protected information.

The vulnerability in the getcfg.php script of D-Link DIR-845L router microprogramming software allows an attacker to gain unauthorized access to protected information when processing the $file parameter. Exploiting this vulnerability can enable a remote attacker to obtain unauthorized access to...

CVE-2024-33110

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component...