An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-05T00:00:00
Updated: 2024-08-04T20:46:46.207Z
Reserved: 2019-02-04T00:00:00
Link: CVE-2019-7388
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-05T00:29:00.277
Modified: 2024-11-21T04:48:07.540
Link: CVE-2019-7388
Redhat
No data.