| Titolo | D-Link DNS-320, DNS-320LW, DNS-325, DNS-340L Version 1.00, Version 1.01.0914.2012, Version 1.01, Version 1.02, Version 1.08 Information Disclosure |
|---|
| Descrizione | An information disclosure vulnerability has been identified in the /xml/info.xml URI accessible through D-Link NAS devices. This vulnerability, affecting over 61,000 devices on the Internet, allows unauthorized access to sensitive device information without authentication, which could be exploited by an attacker to gain insight into device specifics that could facilitate further attacks.
|
|---|
| Fonte | ⚠️ https://netsecfish.notion.site/Information-Disclosure-Vulnerability-Report-in-xml-info-xml-for-D-Link-NAS-12d6b683e67c8019a311e699582f51b6?pvs=4 |
|---|
| Utente | netsecfish (UID 64568) |
|---|
| Sottomissione | 28/10/2024 14:26 (2 anni fa) |
|---|
| Moderazione | 06/11/2024 08:08 (9 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 283311 [D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L fino a 20241028 HTTP GET Request /xml/info.xml rivelazione di informazioni] |
|---|
| Punti | 16 |
|---|