CNNVD-202512-3921 Information

CNNVD ID

CNNVD-202512-3921

Related CVE

CVE-2023-53974

• CNNVD Published: 2025-12-22

Description (Chinese)

D-Link DSL-124是中国友讯（D-Link）公司的一款光猫路由一体机。 D-Link DSL-124 ME_1.00版本存在访问控制错误漏洞，该漏洞源于配置文件泄露问题，可能导致未经验证的攻击者通过POST请求获取路由器设置。

Description (English)

D-Link DSL-124 is a one-size-fits-all light-cat router of D-Link. Version D-Link DSL-124 ME 1.00 contains access control bugs that stem from the leak of the configuration file and may lead to uncertified assailants requesting router settings through POST.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

友讯

Published

2025-12-22

Last Modified

2026-02-24

References

https://dlinkmea.com/index.php/product/details?det=dU1iNFc4cWRsdUpjWEpETFlSeFlZdz09 https://www.dlink.com https://www.exploit-db.com/exploits/51129 https://www.vulncheck.com/advisories/d-link-dsl-me-backup-configuration-file-disclosure-via-unauthenticated-request