Information Disclosure Vulnerability in D-Link 816A2 Firmware
CVE-2024-57682

Currently unrated

Key Information:

Vendor: D-Link
Status: D-Link 816A2 Firmware
Vendor: CVE Published:; 16 January 2025

Summary

An information disclosure vulnerability exists in the d_status.asp component of the D-Link 816A2 firmware, allowing unauthorized attackers to glean sensitive information. This vulnerability is exploited through a specially crafted POST request, posing risks to users who may unknowingly expose critical data. It is crucial for users of the affected firmware to implement necessary safeguards and monitor for updates that mitigate this type of exploitation.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/abcdefg-png/IoT-vulnerable/blob/main/U...

Timeline

Vulnerability published
Jan 16, 2025
Vulnerability Reserved
Jan 9, 2025