Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link DSL-124 ME_1.00 Backup Configuration File Disclosure via Unauthenticated Request
Vulnerability Description
D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing sensitive network credentials and system configurations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
D-Link DSL-124 访问控制错误漏洞
Vulnerability Description
D-Link DSL-124是中国友讯(D-Link)公司的一款光猫路由一体机。 D-Link DSL-124 ME_1.00版本存在访问控制错误漏洞,该漏洞源于配置文件泄露问题,可能导致未经验证的攻击者通过POST请求获取路由器设置。
CVSS Information
N/A
Vulnerability Type
N/A