Alessandro Audero

**Name of the Vulnerable Software and Affected Versions** D-Link DSL-504T (affected versions not specified) **Description** The issue allows remote attackers to bypass authentication and gain privileges. This can be achieved by making a direct request to the "firmwarecfg" endpoint. As a result, attackers can perform actions such as upgrading firmware, restarting the router, or restoring a saved configuration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DSL-504T (affected versions not specified) **Description** The issue allows remote attackers to obtain sensitive information because usernames and passwords are stored in cleartext in the router configuration file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.