Authentication Bypass Vulnerability in D-Link DSL-2640B B2 EU_4.01B Devices

CVE-2020-9277 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin password) with no authentication.

Learn more about our Web Application Penetration Testing UK.