Authentication Bypass Vulnerability in D-Link DIR-600M Firmware 3.04

CVE-2017-9100 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.

Learn more about our Web Application Penetration Testing UK.