Devendra Singh Solanki

**Name of the Vulnerable Software and Affected Versions** Zyxel NBG-418N v2 version V1.00(AARP.9)C0 **Description** The issue allows direct access to the wan.htm page without authentication, potentially leading to information disclosure about the WAN. An attacker can also modify data fields on this page. **Recommendations** For Zyxel NBG-418N v2 version V1.00(AARP.9)C0, consider restricting access to the wan.htm page until a fix is available. As a temporary workaround, limit modifications to the data fields on this page to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600M versions 3.02 through 3.06 **Description** An issue was discovered related to the wan.htm component, which can be accessed directly without authentication. This can lead to the disclosure of information about the WAN and can also be leveraged by an attacker to modify the data fields of the page. The vulnerability is associated with authentication errors in the D-Link DIR-600M Wi-Fi router's firmware. Exploitation of the vulnerability can allow a remote attacker to gain unauthorized access to protected information and modify configuration settings. **Recommendations** For versions 3.02 through 3.06, consider restricting access to the wan.htm page until a patch is available. As a temporary workaround, avoid using the wan.htm page for configuration changes to minimize the risk of exploitation.