CNNVD-202601-3365 Information
CNNVD ID
CNNVD-202601-3365
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
D-Link D-View 8是中国友讯(D-Link)公司的一款综合网络管理软件。 D-Link D-View 8 2.0.1.107及之前版本存在安全漏洞,该漏洞源于后端API端点访问控制不当,可能导致任意经过身份验证的用户检索其他用户的敏感凭据数据。
Description (English)
D-Link D-View 8 is a comprehensive network management software for the Chinese company D-Link. D-Link D-View 8 2.0.1.107 and previous versions contain a security loophole, which stems from poor back-end API end-point access controls and may lead to randomly authenticated users retrieving other users ’ sensitive supporting data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
友讯
Published
2026-01-21
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/dlink-dview-8-idor-allows-credential-disclosure-and-account-takeover https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10471 https://access.redhat.com/security/cve/cve-2026-23754
Patch
https://dview.dlink.com/freetrial
Share on: