PT-2014-2868 · D Link · D-Link Dir-505L Shareport Mobile Companion

Published 2014-05-12 · Updated 2023-04-26 · CVE-2013-4772

CVSS v2.0

9.3 High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DIR-505L SharePort Mobile Companion version 1.01
D-Link DIR-826L Wireless N600 Cloud Router version 1.02

Description

The issue allows remote attackers to bypass authentication via a direct request when an authorized session is active. This means that if there is an active authorized session, an unauthorized user can send a direct request to gain access without being authenticated.

Recommendations

For D-Link DIR-505L SharePort Mobile Companion version 1.01, consider restricting access to the device when not in use to minimize the risk of exploitation.
For D-Link DIR-826L Wireless N600 Cloud Router version 1.02, restrict access to the router's web interface to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

CVE-2013-4772

Affected Products

D-Link Dir-505L Shareport Mobile Companion
D-Link Dir-826L Wireless N600 Cloud Router