CVE-2023-53974

High CVSS: 8.8

D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing sensitive network credentials and system configurations.

Vendor

Dlink

Product

Dsl-124 Firmware

CWE

CWE-306

Yayın Tarihi

2025-12-22 22:16:02

Güncelleme

2025-12-26 16:14:34

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-306 Dsl-124 Firmware HIGH Dlink 2025

Referanslar

https://dlinkmea.com/index.php/product/details?det=dU1iNFc4cWRsdUpjWEpETFlSeFlZdz09 https://www.dlink.com https://www.exploit-db.com/exploits/51129 https://www.vulncheck.com/advisories/d-link-dsl-me-backup-configuration-file-disclosure-via-unauthenticated-request https://www.exploit-db.com/exploits/51129

Benzer Kayıtlar

High

CVE-2026-5214

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-32…

Medium

CVE-2026-5215

A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

High

CVE-2026-5213

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

High

CVE-2026-5212

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

High

CVE-2026-5211

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, D…

High

CVE-2026-5024

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formS…