PT-2022-2079 · D-Link · D-Link Dir-850L
Published: 2022-03-04 · Updated: 2022-09-09 · CVE-2021-46378
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
D-Link DIR-850, version ET850-1.08TRb03
Description
The issue is related to errors in loading configuration files in the D-Link DIR-850 router's firmware. It allows a remote attacker to redirect users to an arbitrary URL due to an incorrect access control vulnerability. This can be exploited through an unauthenticated remote configuration download.
Recommendations
For version ET850-1.08TRb03, update the firmware to a version that addresses the incorrect access control vulnerability.
As a temporary workaround, consider restricting access to the configuration download feature to minimize the risk of exploitation.
Exploit
Fix
Open Redirect
Affected Products
D-Link Dir-850L