CVE-2018-10957

Name of the Vulnerable Software and Affected Versions D-Link DIR-868L (affected versions not specified)

Description The issue is related to a CSRF (Cross-Site Request Forgery) attack, which can be exploited by a remote attacker. This could allow the attacker to perform actions such as changing the Admin password. The components hedwig.cgi and pigwidgeon.cgi are affected by this issue.

Recommendations For D-Link DIR-868L devices, consider disabling the hedwig.cgi and pigwidgeon.cgi components as a temporary workaround until a patch is available. Restrict access to the affected components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.