PT-2002-2075 · D Link · D-Link Di-804

Published

2002-08-31

Updated

2016-10-18

CVE-2002-1069

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: D-Link DI-804 router version 4.68

Description: The issue allows remote attackers to bypass authentication and obtain sensitive information or release DHCP addresses by making a direct web request to certain pages, including "release.htm", "Device Status", or "Device Information".

Recommendations: For D-Link DI-804 router version 4.68, consider restricting access to the remote administration capability until a fix is available. As a temporary workaround, limit access to the affected pages, such as "release.htm", "Device Status", and "Device Information", to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1069

Affected Products

D-Link Di-804

PT-2002-2075 · D Link · D-Link Di-804

CVE-2002-1069

Related Identifiers

Affected Products

References · 7