Vulnerabilities > CVE-2002-1069 - Remote Administration Arbitrary DHCP Address Release vulnerability in D-Link Di-804 4.68

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

d-link

NVD

Published: 2002-10-04

Updated: 2016-10-18

Summary

The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information.

Vulnerable Configurations

Part	Description	Count
Hardware	D-Link D Link DI 804 4.68	1

References

http://marc.info/?l=bugtraq&m=103004834131542&w=2
http://online.securityfocus.com/archive/1/288584
http://www.iss.net/security_center/static/9967.php
http://www.iss.net/security_center/static/9969.php
http://www.securityfocus.com/bid/5544
http://www.securityfocus.com/bid/5553