PT-2023-5698 · D Link · D-Link Dir-X3260
Nicholas Zubrisky
·
Published
2023-10-04
·
Updated
2024-05-04
·
CVE-2023-44420
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-X3260 (affected versions not specified)
Description
This issue allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi executable, resulting from an incorrect implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the device, gaining full access without requiring authentication.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
D-Link Dir-X3260