PT-2026-26108 · D Link · Wifi Extender Wdr201A
Mstreet97
·
Published
2026-03-18
·
Updated
2026-03-19
·
CVE-2026-30702
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WiFi Extender WDR201A versions LFMZX28040922V1.02 (HW V2.1)
Description
The WiFi Extender WDR201A has a flawed authentication process in its web management interface. The login page does not correctly validate sessions, enabling attackers to circumvent authentication by directly accessing restricted web application endpoints through forced browsing. This allows unauthorized access to the device's management functions.
Recommendations
Update to a newer firmware version that addresses the authentication issue.
Exploit
Fix
Improper Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wifi Extender Wdr201A