D-Link D-View Authentication Bypass Vulnerability
CVE-2024-5296
Currently unrated 🤨
Summary
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-21991.
News Articles
Timeline
First article discovered by prophaze.com
Vulnerability published.
Collectors
NVD Database1 News Article(s)