Описание
An unauthenticated Local File Inclusion (LFI) vulnerability in D-Link DSR series routers allows remote attackers to retrieve sensitive configuration files in clear text. The exposed files contain administrative credentials, VPN settings, and other sensitive information, enabling full administrative access to the router. Affected Products include: DSR-150, DSR-150N, and DSR-250N v1.09B32_WW.
EPSS
6.6 Medium
CVSS3
Дефекты
Связанные уязвимости
An unauthenticated Local File Inclusion (LFI) vulnerability in D-Link DSR series routers allows remote attackers to retrieve sensitive configuration files in clear text. The exposed files contain administrative credentials, VPN settings, and other sensitive information, enabling full administrative access to the router. Affected Products include: DSR-150, DSR-150N, and DSR-250N v1.09B32_WW.
Уязвимость компонента Setting Handler микропрограммного обеспечения маршрутизаторов D-Link DSR-150, DSR-150N и DSR-250, позволяющая нарушителю получить полный доступ к устройствам
EPSS
6.6 Medium
CVSS3