| Title | D-Link DNS-320, DNS-320LW, DNS-325, DNS-340L Version 1.00, Version 1.01.0914.2012, Version 1.01, Version 1.02, Version 1.08 Information Disclosure |
|---|
| Description | An information disclosure vulnerability has been identified in the /xml/info.xml URI accessible through D-Link NAS devices. This vulnerability, affecting over 61,000 devices on the Internet, allows unauthorized access to sensitive device information without authentication, which could be exploited by an attacker to gain insight into device specifics that could facilitate further attacks.
|
|---|
| Source | ⚠️ https://netsecfish.notion.site/Information-Disclosure-Vulnerability-Report-in-xml-info-xml-for-D-Link-NAS-12d6b683e67c8019a311e699582f51b6?pvs=4 |
|---|
| User | netsecfish (UID 64568) |
|---|
| Submission | 10/28/2024 14:26 (2 years ago) |
|---|
| Moderation | 11/06/2024 08:08 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 283311 [D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L up to 20241028 HTTP GET Request /xml/info.xml information disclosure] |
|---|
| Points | 16 |
|---|