Description
The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information.
Affected products
- D-Link / di-8044.68 – 4.68
References
- MISChttp://www.iss.net/security_center/static/9969.php
- MISChttp://online.securityfocus.com/archive/1/288584
- MISChttp://www.iss.net/security_center/static/9967.php
- MISChttp://www.securityfocus.com/bid/5553
- MAILING_LISThttp://marc.info/?l=bugtraq&m=103004834131542&w=2
- MISChttp://www.securityfocus.com/bid/5544