Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
D-Link DIR devices Authentication Bypass Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Multiple D-Link DIR devices are prone to an authentication bypass vulnerability.
Insight
Insight
The SharePort Web Access on D-Link DIR devices allows authentication bypass through a direct request to folder_view.php or category_view.php.
Affected Software
Affected Software
Following devices and firmwares are affected: - D-Link DIR-868L REVB through version 2.03 - D-Link DIR-885L REVA through version 1.20 - D-Link DIR-895L REVA through version 1.21 Other devices and firmware versions may also be affected.
Detection Method
Detection Method
Tries to access sensitive pages without authentication.
Solution
Solution
No known solution is available as of 30th September, 2019. Information regarding this issue will be updated once solution details are available.