Intrusion Prevention

D-Link.DIR-130.Firmware.Credentials.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in D-Link DIR-130 firmware and DIR-330 firmware.
The vulnerability is due to improper authentication in the application. A remote attacker can exploit this to access sensitive information, such as admin credentials, on the affected devices.

Affected Products

D-Link DIR-130 firmware version 1.23 and earlier
DIR-330 firmware version 1.12 and earlier

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

Recommended Actions

Currently, we are unaware of any vendor supplied patch for this issue.

CVE References

CVE-2017-3191 CVE-2017-3192