Felix Richter

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 version 4.03B07 Description: The issue is related to a security bypass in the cli.cgi module due to a failure to check authentication parameters. Recommendations: For D-Link DIR-100 version 4.03B07, consider restricting access to the cli.cgi module until a patch is available. Avoid using the cli.cgi module for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 version 4.03B07 Description: The issue is related to a security bypass due to an error in the `cliget.cgi` script. Recommendations: For D-Link DIR-100 version 4.03B07, consider restricting access to the `cliget.cgi` script as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 version 4.03B07 Description: The issue concerns a CSRF vulnerability in the cli.cgi endpoint. Recommendations: For D-Link DIR-100 version 4.03B07, consider restricting access to the cli.cgi endpoint as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 version 4.03B07 Description: The issue concerns information disclosure related to PPTP and PoE on the affected device. Recommendations: For D-Link DIR-100 version 4.03B07, update to a newer version that addresses the information disclosure issue.