PT-2023-5278 · D-Link · D-Link Dir-645

Published: 2023-06-21 · Updated: 2024-08-02 · CVE-2023-36089

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DIR-645 version 1.03

Description

An authentication bypass vulnerability allows remote attackers to gain escalated privileges. It is caused by insufficient access control in the phpcgi main function in cgibin. Remote attackers can exploit it to bypass security restrictions and elevate their privileges. This vulnerability only affects products that are no longer supported by the maintainer.

Recommendations

For D-Link DIR-645 version 1.03, as a temporary workaround, consider disabling the phpcgi main function in cgibin to minimize the risk of exploitation. Because the product is no longer supported by the maintainer, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Incorrect Authorization
Improper Authentication

Related Identifiers

BDU:2023-05901
CVE-2023-36089

Affected Products

D-Link Dir-645