Access Control Flaw in D-Link Router Models Enabling Unauthorized Configuration
CVE-2024-57679
Currently unrated
Summary
An access control issue in the form2RepeaterSetup.cgi component of D-Link 816A2 firmware allows unauthorized attackers to exploit the device's configuration. By sending specially crafted POST requests, these attackers can manipulate the settings for both the 2.4G and 5G repeater services. This vulnerability presents a significant risk as it allows for unauthorized alterations, compromising the integrity and security of the device. Immediate attention is recommended for users to secure their routers against possible exploitation.
References
Timeline
Vulnerability published
Vulnerability Reserved