CVE-2020-9376

D-Link DIR-610 devices have an information disclosure vulnerability exposed through the getcfg.php endpoint by passing SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1. The issue is described consistently across CVE-2020-9376 references and related scans (e.g., NVD, Nuclei template) as affecting devi...

CVE-2020-9376

D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZEDGROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2019-17506

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password and other information via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZEDGROUP=1%0a to getcfg.php...

Router vulnerability reproduce the analysis of the fourth bomb: CVE-2018-7034-vulnerability warning-the black bar safety net

TrendNET router permission bypass vulnerability, an attacker by setting$AUTHORIZEDGROUP = 1 to bypass permission verification Vulnerability reference information:https://blogs. securiteam. com/index. php/archives/3627 The affected version of the router TEW-751DR – v1. 03B03 TEW-752DRU – v1. 03B01...

CVE-2018-10106

D-Link DIR-815 REV. B with firmware through DIR-815REVBFIRMWAREPATCH2.07.B01 devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0aPOSTSERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZEDGROUP%3D1 request...

CVE-2018-10106

D-Link DIR-815 REV. B with firmware through DIR-815REVBFIRMWAREPATCH2.07.B01 devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0aPOSTSERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZEDGROUP%3D1 request...

PT-2018-4005 · D Link · D-Link Dir-815

Name of the Vulnerable Software and Affected Versions: D-Link DIR-815 REV. B versions through DIR-815 REVB FIRMWARE PATCH 2.07.B01 Description: The issue concerns a permission bypass and information disclosure in the /htdocs/web/getcfg.php file of the D-Link DIR-815 REV. B firmware. This can be...

Authentication flaw

TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

CVE-2018-7034

TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

CVE-2018-7034

CVE-2018-7034 impacts TRENDnet TEW-751DR (v1.03B03), TEW-752DRU (v1.03B01) and TEW733GR (v1.03B01). The vulnerability is an authentication bypass via AUTHORIZED_GROUP=1 in requests to getcfg.php, enabling access to sensitive information. Several connected sources corroborate that this is a router...

CVE-2018-7034

TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZEDGROUP=1 value, as demonstrated by a request for getcfg.php...

D-Link DIR-645 getcfg.php Admin Password Disclosure

The remote D-Link DIR-645 router is affected by an information disclosure vulnerability. By sending a specially crafted request to the 'getcfg.php' script, a remote unauthenticated attacker could retrieve the admin password information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...