Auth bypass in Dlink Dir-505l_shareport_mobile_companion

CVE-2013-4772

D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active.

Vulnerability class: Broken Authentication

EPSS: 0.001 (34.1th percentile) — read the EPSS interpretation.

Affected products

Dlink Dir-505l_shareport_mobile_companion — versions a1
Dlink Dir-505l_shareport_mobile_companion_firmware — versions 1.01
Dlink Dir-826l_wireless_n600_cloud_router — versions a1
Dlink Dir-826l_wireless_n600_cloud_router_firmware — versions 1.02
N/a — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

cve@mitre.org (x_refsource_MISC)