| 제목 | D-Link DIR-803 1.04 and earlier Authorization Bypass |
|---|
| 설명 | An authentication bypass vulnerability exists in the /getcfg.php interface of D-Link DIR-803 routers (A1 1.04 and earlier). By supplying SERVICES=DEVICE.ACCOUNT together with an injected AUTHORIZED_GROUP=1%0a parameter, an attacker can cause getcfg.php to return the XML configuration containing administrator login credentials. |
|---|
| 원천 | ⚠️ https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/D-Link/vuln-2/DIR-803%20Authentication%20Bypass.md |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2025. 11. 28. PM 01:15 (7 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 11. AM 09:40 (13 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 335869 [D-Link DIR-803 까지 1.04 Configuration /getcfg.php AUTHORIZED_GROUP 정보 공개] |
|---|
| 포인트들 | 19 |
|---|