D-Link DIR-610 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Summary

D-Link DIR-610 suffers from exposure of sensitive information to an unauthorized actor vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10182


Details

UNSUPPORTED WHEN ASSIGNED  D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

 

Vulnerable Systems:

D-Link DIR-610

 

CVE Information:

CVE-2020-9376

 

Disclosure Timeline:
Published Date:7/9/2020

Categories: FeaturedNews