Vulnerabilities > CVE-2005-1680 - Unspecified vulnerability in D-Link products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

d-link

NVD

Published: 2005-05-20

Updated: 2024-11-20

Summary

D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address.

Vulnerable Configurations

Part	Description	Count
Hardware	D-Link D Link DSL 504T * D Link DSL 562T * D Link DSL G604T * D Link DSL 502T *	4

References

http://marc.info/?l=bugtraq&m=111652806030943&w=2
http://marc.info/?l=bugtraq&m=111652806030943&w=2
http://www.vupen.com/english/advisories/2005/0573
http://www.vupen.com/english/advisories/2005/0573