ID
VAR-200905-0434
TITLE
D-Link DIR-628 Router 'CAPTCHA' Security Bypass Weakness
Trust: 0.3
sources:
BID: 34956
DESCRIPTION
D-Link DIR-628 router is prone to a security-bypass weakness. Successful exploits will allow an attacker to authenticate without providing the right code for CAPTCHA. This may lead to other attacks. Note that to authenticate, a user is required to provide a valid MD5 hash of the password.
Trust: 0.3
sources:
BID: 34956
AFFECTED PRODUCTS
| vendor: | d link | model: | dir-628 | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 34956
THREAT TYPE
network
Trust: 0.3
sources:
BID: 34956
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 34956
EXTERNAL IDS
| db: | BID | id: | 34956 | Trust: 0.3 |
sources:
BID: 34956
REFERENCES
| url: | http://www.sourcesec.com/2009/05/12/d-link-captcha-partially-broken/ | Trust: 0.3 |
| url: | http://www.dlink.com/ | Trust: 0.3 |
sources:
BID: 34956
CREDITS
SourceSec Security Research
Trust: 0.3
sources:
BID: 34956
SOURCES
| db: | BID | id: | 34956 |
LAST UPDATE DATE
2022-05-17T02:04:05.502000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 34956 | date: | 2009-05-15T18:36:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 34956 | date: | 2009-05-14T00:00:00 |