VULNERABILITIES / FIXES - March 01, 2013
by Carol~ - 3/1/13 7:07 AM
D-Link DIR-645 Information Disclosure Security Issue
Release Date : 2013-03-01
Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From local network
Solution Status : Vendor Patch
Operating System: D-Link DIR-645 1.x
Roberto Paleari has reported a security issue in D-Link DIR-645, which can be exploited by malicious people to disclose sensitive information.
The security issue is caused due to the application not restricting access to certain scripts, which can be exploited to e.g. disclose administrative credentials.
The security issue is reported in version 1.02. Other versions may also be affected.
Reportedly fixed in version 1.03.
Provided and/or discovered by: