إرسال #703150: D-Link DIR-803 1.04 and earlier Authorization Bypassالمعلومات

عنوانD-Link DIR-803 1.04 and earlier Authorization Bypass
الوصفAn authentication bypass vulnerability exists in the /getcfg.php interface of D-Link DIR-803 routers (A1 1.04 and earlier). By supplying SERVICES=DEVICE.ACCOUNT together with an injected AUTHORIZED_GROUP=1%0a parameter, an attacker can cause getcfg.php to return the XML configuration containing administrator login credentials.
المصدر⚠️ https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/D-Link/vuln-2/DIR-803%20Authentication%20Bypass.md
المستخدم
 Anonymous User
ارسال28/11/2025 01:15 PM (7 أشهر منذ)
الاعتدال11/12/2025 09:40 AM (13 days later)
الحالةتمت الموافقة
إدخال VulDB335869 [D-Link DIR-803 حتى 1.04 Configuration /getcfg.php AUTHORIZED_GROUP الكشف عن المعلومات]
النقاط19

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!