PT-2026-26108 · D Link · Wifi Extender Wdr201A
Mstreet97
·
Publicado
2026-03-18
·
Atualizado
2026-03-19
·
CVE-2026-30702
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WiFi Extender WDR201A versions LFMZX28040922V1.02 (HW V2.1)
Description
The WiFi Extender WDR201A has a flawed authentication process in its web management interface. The login page does not correctly validate sessions, enabling attackers to circumvent authentication by directly accessing restricted web application endpoints through forced browsing. This allows unauthorized access to the device's management functions.
Recommendations
Update to a newer firmware version that addresses the authentication issue.
Exploit
Correção
Improper Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wifi Extender Wdr201A