Authentication Bypass in D-Link DAP-1360 Router
CVE-2014-10026

Currently unrated

Key Information:

Vendor: D-Link
Status: Dap-1360 Firmware
Vendor: CVE Published:; 13 January 2015

Summary

The D-Link DAP-1360 device, running firmware version 2.5.4 or earlier, is vulnerable to an authentication bypass issue. This flaw allows remote attackers to manipulate the client_login cookie, setting it to 'admin' and thereby gaining unauthorized access to sensitive information without proper authentication. Such exploitation can lead to significant security breaches, affecting the integrity and confidentiality of the device's data.

References

http://seclists.org/fulldisclosure/2014/Nov/19

mailing-listx_refsource_FULLDISC

http://websecurity.com.ua/7179/

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 13, 2015