CVE-2023-44420
D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi executable. The issue results from an incorrect implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the device. Was ZDI-CAN-21100.
| CWE | CWE-303 |
| Vendor | d-link |
| Product | dir-x3260 |
| Published | May 3, 2024 |
| Last Updated | Aug 2, 2024 |
Stay Ahead of the Next One
Get instant alerts for d-link dir-x3260
Be the first to know when new high vulnerabilities affecting d-link dir-x3260 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Versions
D-Link / DIR-X3260
1.02B02