A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer=V100R001B012 FWVer=3.10.0.24 FirmVer=TT_77616E6771696F6E67) allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Dsl-3782_firmware | Dlink | 3.10.0.24 (including) | 3.10.0.24 (including) |