Joe Gray

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-601 version 1.02NA **Description** The issue is related to the authentication procedure in the D-Link DIR-601 router, which has shortcomings. This allows a remote attacker to bypass existing security restrictions. The password change process does not require the old password and occurs in cleartext. **Recommendations** For D-Link DIR-601 version 1.02NA, consider changing the password using a secure method to minimize the risk of exploitation. As a temporary workaround, restrict remote access to the device until a more secure authentication procedure is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.