15 Déc 2017
CVE-2017-3192 - CVE Vulnerability
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page (potentially through a authentication bypass such as CVE-2017-3191) may obtain administrator credentials for the device. (CVSS:0.0) (Last Update:2017-12-15)
Vulnerability Details : D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page (potentially through a authentication bypass such as CVE-2017-3191) may obtain administrator credentials for the device. Publish Date : 2017-12-15 Last Update Date : 2017-12-15 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-3192
- References For CVE-2017-3192 | |||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-3192There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |