Authentication Bypass Vulnerability in D-Link DIR-645 Firmware
CVE-2023-36089
9.8CRITICAL
What is CVE-2023-36089?
The D-Link DIR-645 firmware version 1.03 contains an authentication bypass vulnerability that allows remote attackers to gain escalated privileges. This flaw is due to improper handling of requests by the 'phpcgi_main' function in 'cgibin'. It is important to note that the vulnerability affects products that are no longer supported by D-Link, which may expose users to significant security risks if left unaddressed. Users are urged to seek alternative solutions or upgrade to supported devices to mitigate potential threats.