Improper Access Control in D-Link DIR-816 Router
CVE-2024-13107
6.9MEDIUM
What is CVE-2024-13107?
A vulnerability has been identified in the D-Link DIR-816 A2 router that allows for the potential exploitation of access controls through the component ACL Handler, particularly the file /goform/form2LocalAclEditcfg.cgi. This vulnerability could permit unauthorized remote access, compromising the integrity and security of the device. An exploit has been publicly disclosed, raising awareness about the possible risks involved. Users are encouraged to review their configurations and apply necessary security measures to safeguard their networks.
Affected Version(s)
DIR-816 A2 1.10CNB05_R1B011D88210
References
CVSS V4
Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
wxhwxhwxh_tutu (VulDB User)