D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin.
2017-08-25T18:29:00.230
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 9.8 (CRITICAL)
CVSSv2 vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | d-link | dns-322l_firmware | ≤ 2.00b07 | Yes |
Hardware | dlink | dns-322l | - | No |
Operating System | d-link | dns-325_firmware | ≤ 1.05b03 | Yes |
Hardware | dlink | dns-325 | - | No |
Operating System | d-link | dns-345_firmware | ≤ 1.03b06 | Yes |
Hardware | dlink | dns-345 | - | No |
Operating System | d-link | dns-320b_firmware | ≤ 1.02b01 | Yes |
Hardware | dlink | dns-320b | - | No |
Operating System | d-link | dnr-326_firmware | ≤ 1.40b03 | Yes |
Hardware | dlink | dnr-326 | - | No |
Operating System | d-link | dns-327l_firmware | ≤ 1.02 | Yes |
Hardware | dlink | dns-327l | - | No |
Operating System | d-link | dns-320l_firmware | ≤ 1.03b04 | Yes |
Hardware | dlink | dns-320l | - | No |