Shuanunio

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-859 router versions A3 1.05 and earlier **Description** A vulnerability in the D-Link DIR-859 router permits unauthorized individuals to bypass authentication. An attacker can obtain a user name and password by forging a post request to the "/getcfg.php" page. **Recommendations** For D-Link DIR-859 router versions A3 1.05 and earlier, consider updating the firmware to a version later than A3 1.05 as a permanent solution. As a temporary workaround, consider restricting access to the "/getcfg.php" page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TP-Link Archer c20 router versions prior to V6.6 230412 **Description** A flaw exists in the TP-Link Archer c20 router that allows unauthorized access by bypassing authentication for certain interfaces located under the `/cgi` directory. This bypass is achieved by adding the `Referer: http://tplinkwifi.net` header to requests. The supplier disputes the severity of this issue, stating that the API call response only contains "non-sensitive UI initialization variables." **Recommendations** Update the firmware to version V6.6 230412 or later.

**Name of the Vulnerable Software and Affected Versions** TP-Link WR840N V6 router versions 0.9.1 4.16 and earlier **Description** A vulnerability in the TP-Link WR840N V6 router permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory. When adding a `Referer` header with the value `http://tplinkwifi.net` to the request, it will be recognized as passing the authentication. **Recommendations** For TP-Link WR840N V6 router versions 0.9.1 4.16 and earlier, consider disabling access to the `/cgi` directory until a patch is available. Restrict access to the router's web interface to minimize the risk of exploitation. Avoid using the `Referer` header with the value `http://tplinkwifi.net` in requests to the router's web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetGear DGN2200 router versions V1.0.0.46 and earlier **Description** A vulnerability in the Netgear DGN2200 router permits unauthorized individuals to bypass authentication. By adding "?x=1.gif" to the requested URL, it will be recognized as passing the authentication. **Recommendations** For versions V1.0.0.46 and earlier, as a temporary workaround, consider restricting access to the router's web interface until a patch is available. Avoid using the URL parameter `?x=1.gif` in the affected router's web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ipTIME A2004 version 12.17.0 **Description** An access control issue in the component /login/hostinfo.cgi allows attackers to obtain sensitive information without authentication. **Recommendations** For ipTIME A2004 version 12.17.0, consider disabling access to the /login/hostinfo.cgi component until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ipTIME A2004 version 12.17.0 **Description** An access control issue in the component "/login/hostinfo2.cgi" of ipTIME A2004 allows attackers to obtain sensitive information without authentication. **Recommendations** For ipTIME A2004 version 12.17.0, as a temporary workaround, consider disabling access to the "/login/hostinfo2.cgi" component until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear WNR614 version 1.1.0.28 1.0.1WW **Description** A critical issue affects the URL Handler component, allowing for improper authentication. The manipulation of the input `%00currentsetting.htm` can lead to this issue. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue has been circulating as a 0day since 2024. **Recommendations** For Netgear WNR614 version 1.1.0.28 1.0.1WW, consider restricting access to the URL Handler component until a patch is available. Avoid using the input `%00currentsetting.htm` in the affected URL Handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.