CVE-2021-33259

Name of the Vulnerable Software and Affected Versions D-Link DIR-868LW version 1.12b

Description The issue is related to weaknesses in the authentication procedure of the D-Link DIR-868LW router's web interface. This allows a remote attacker to obtain users' DNS query history due to the lack of authentication requirements for access to several web interfaces.

Recommendations For D-Link DIR-868LW version 1.12b, consider restricting access to the web interface until a patch is available. As a temporary workaround, limit the exposure of the device to the internet to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.