| शीर्षक | D-LINK DNS-327L, DNS-320L, DNS-320LW Version=1.02.0329.2013, Version=1.01.0914.2012, Version=1.01.0914.2012, Version=1.00.0409.2013 Exposure of Sensitive Information to an Unauthorized Actor |
|---|
| विवरण | A vulnerability has been identified in the D-Link DNS series network storage devices, allowing for the exposure of sensitive device information to unauthorized actors. This vulnerability is due to an unauthenticated access flaw in the info.cgi script, which can be exploited via a simple HTTP GET request, affecting over 920,000 devices on the Internet. |
|---|
| स्रोत | ⚠️ https://github.com/netsecfish/info_cgi |
|---|
| उपयोगकर्ता | netsecfish (UID 64568) |
|---|
| सबमिशन | 26/03/2024 02:20 PM (2 साल पहले) |
|---|
| संयम | 03/04/2024 08:23 PM (8 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 259285 [D-Link DNS-320L/DNS-320LW/DNS-327L तक 20240403 HTTP GET Request /cgi-bin/info.cgi सूचना का प्रकटीकरण] |
|---|
| अंक | 18 |
|---|