Authentication Bypass Vulnerability in D-Link DIR-130 and DIR-330 Routers

Authentication Bypass Vulnerability in D-Link DIR-130 and DIR-330 Routers

CVE-2017-3191 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some administrator-only pages such as tools_admin.asp without credentials.

Learn more about our Web Application Penetration Testing UK.