Web Proxy Service Vulnerability on D-Link DIR-100 Devices
CVE-2008-4133

Currently unrated

Key Information:

Vendor: D-link
Status: Dir-100
Vendor: CVE Published:; 19 September 2008

Summary

The web proxy service on D-Link DIR-100 devices with firmware version 1.12 and earlier contains a vulnerability that fails to adequately filter web requests containing long URLs. This security flaw enables remote attackers to manipulate web requests in a manner that allows them to bypass predefined web restriction filters, potentially granting unauthorized access to restricted content.

References

http://www.securityfocus.com/bid/31050

vdb-entryx_refsource_BID

http://secunia.com/advisories/31767

third-party-advisoryx_refsource_SECUNIA

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 19, 2008
Vulnerability Reserved
Sep 19, 2008