N/A

Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router with firmware before 2.06.B09_BETA allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) change the network policy, or (3) possibly have other unspecified impact via crafted requests to hedwig.cgi and pigwidgeon.cgi.

N/A

N/A

D-Link DIR-816L Wireless路由器跨站请求伪造漏洞

D-Link DIR-816L是友讯（D-Link）公司的一款无线路由器产品。 使用2.06.B09_BETA之前版本固件的D-Link DIR-816L Wireless路由器中存在跨站请求伪造漏洞。远程攻击者可通过向hedwig.cgi和pigwidgeon.cgi文件发送特制的请求利用该漏洞更改管理员密码和网络策略。

N/A

N/A