An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-05T00:00:00
Updated: 2024-08-04T20:46:46.279Z
Reserved: 2019-02-04T00:00:00
Link: CVE-2019-7390
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-05T00:29:00.367
Modified: 2024-11-21T04:48:07.847
Link: CVE-2019-7390
Redhat
No data.