An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-02-05T00:00:00

Updated: 2024-08-04T20:46:46.207Z

Reserved: 2019-02-04T00:00:00

Link: CVE-2019-7388

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-02-05T00:29:00.277

Modified: 2024-11-21T04:48:07.540

Link: CVE-2019-7388

cve-icon Redhat

No data.