Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to the value stored in the device's /var/hnap/timestamp file, the request will pass the HNAP_AUTH check function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DAP-1860 授权问题漏洞
Vulnerability Description
D-Link DAP-1860是中国台湾友讯(D-Link)公司的一款WiFi范围扩展器。 D-Link DAP-1860 1.04b03之前版本中存在安全漏洞。攻击者可借助HNAP_AUTH头中的时间戳值利用该漏洞未经身份验证便可访问管理员功能。
CVSS Information
N/A
Vulnerability Type
N/A