| 제목 | Drink ShareCenter™ 2-Bay Network Storage Enclosure DNS-320 2.02b01 Information Disclosure |
|---|
| 설명 | # Info Leak in Dlink-DNS320 NAS (3)
## Overview
* Type: Information leak
* Supplier: Dlink
* Victim URL: http://{Device-IP}/cgi-bin/widget_api.cgi?getSys
* Product: ShareCenter™ 2-Bay Network Storage Enclosure DNS-320
* Affect version: (lastest) 2.02b01
* Firmware download: http://files.dlink.com.au/products/DNS-320/REV_A/Firmware/Firmware_v2.02b01/DNS-320_A1_FW_2.02b01.zip
## Description
An infomation leaking vulnerability is at the web management interface of the affected NAS devices. Without any permition, attacker can get sensitive information about system from the victim URL.
The victime url is a hidden interface and isn't been protected by any authentication and authorization.
|
|---|
| 원천 | ⚠️ https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/3 |
|---|
| 사용자 | leetmoon (UID 42673) |
|---|
| 제출 | 2024. 09. 02. AM 09:22 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 09. 05. AM 07:06 (3 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 276626 [D-Link DNS-320 2.02b01 Web Management Interface /cgi-bin/widget_api.cgi getHD/getSer/getSys 정보 공개] |
|---|
| 포인트들 | 0 |
|---|