CVE-2022-43621

Name of the Vulnerable Software and Affected Versions D-Link DIR-1935 version 1.03

Description The issue is related to the implementation of the Home Network Administration Protocol (HNAP) in the D-Link DIR-1935 router's firmware, specifically with the authentication procedure. This allows a remote attacker to bypass security restrictions. The flaw exists within the handling of HNAP login requests due to an incorrectly implemented comparison, enabling an attacker to bypass authentication on the system.

Recommendations For D-Link DIR-1935 version 1.03, as a temporary workaround, consider restricting access to the HNAP login requests until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.