Title : D-Link DSL Router "firmwarecfg" Remote Authentication Bypass VUPEN ID : VUPEN/ADV-2005-0573 CVE ID : CVE-2005-1680 CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-05-20
Technical Description
A vulnerability was identified in various D-Link Routers, which may be exploited by remote attackers to bypass the authentication procedure. The flaw is due to a design error in the "firmwarecfg" script that fails to handle certain authentication attemps, which may be exploited by attackers to gain unauthorized access to the network device.
