PT-2026-22152 · D Link · D-Link Wireless N 300 Adsl2+ Modem Router Dsl-124 Me
Published
2026-02-26
·
Updated
2026-03-03
·
CVE-2025-71057
CVSS v3.1
8.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME version 1.00
Description
The device suffers from improper session management, which allows attackers to perform a session hijacking attack. This is achieved by spoofing the IP address of an authenticated user.
Recommendations
Update D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME to a newer version that addresses this issue.
Exploit
Fix
Improper Authentication
Session Fixation
Insufficient Verification of Data Authenticity
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
D-Link Wireless N 300 Adsl2+ Modem Router Dsl-124 Me