login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
2017-05-21T04:29:00.180
2025-04-20T01:37:25.860
Deferred
CVSSv3.1: 8.8 (HIGH)
AV:A/AC:L/Au:N/C:C/I:C/A:C
6.5
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | dlink | dir-600m_firmware | 3.04 | Yes |
Hardware | dlink | dir-600m | - | No |