Authentication Bypass Vulnerability in D-Link DSL-2640B by D-Link
CVE-2020-9277
9.8CRITICAL
Summary
A vulnerability has been identified in D-Link DSL-2640B B2 EU_4.01B devices that allows an attacker to bypass authentication when accessing various cgi modules. This significant security flaw enables unauthorized users to perform administrative tasks such as changing the admin password without the need for proper authentication. These exploits can compromise the integrity and security of the device, potentially leading to larger network security issues.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved