| Title | D-Link DIR-878 HW:A1 FW:1.03 Improper Access Controls |
|---|
| Description | An improper access control vulnerability exists in the web management interface of DIR-878 HW:A1 FW:1.03. By sending a specially crafted unauthenticated HTTP POST request to the header set to dllog.cgi, an attacker can view the device log. |
|---|
| Source | ⚠️ https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-878/dllog.md |
|---|
| User | wxhwxhwxh_tutu (UID 65923) |
|---|
| Submission | 01/05/2025 17:19 (1 Year ago) |
|---|
| Moderation | 01/15/2025 13:23 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 291924 [D-Link DIR-878 1.03 HTTP POST Request /dllog.cgi information disclosure] |
|---|
| Points | 16 |
|---|