Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DIR-816L 访问控制错误漏洞
Vulnerability Description
D-Link DIR-816L是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-816L 2.x版本至1.10b04Beta02之前版本存在访问控制错误漏洞。攻击者利用该漏洞检索各种敏感信息,例如管理员登录凭据。
CVSS Information
N/A
Vulnerability Type
N/A