> [Suggested description]
> An issue was discovered on D-Link DIR-890L A2 devices.
> Due to the predictability of the /docs/captcha_(number).jpeg URI,
> being local to the network, but unauthenticated to the administrator's
> panel, an attacker can disclose the CAPTCHAs used by the access point
> and can elect to load the CAPTCHA of their choosing, leading to
> unauthorized login attempts to the access point.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Incorrect Access Control
>
> ------------------------------------------
>
> [Vendor of Product]
> D-Link
>
> ------------------------------------------
>
> [Affected Product Code Base]
> DIR-890L - A2
>
> ------------------------------------------
>
> [Affected Component]
> Due to the predictability in the /docs/captcha_(number).jpeg while
> loading the CAPTCHA, an attacker can change the CAPTCHA to load and
> can load the same CAPTCHA each time.
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Information Disclosure]
> true
>
> ------------------------------------------
>
> [CVE Impact Other]
> Predictability of CAPTCHA resulting in unauthorized login attempts to the access point
>
> ------------------------------------------
>
> [Attack Vectors]
> An attacker must be local to the network but unauthenticated to the administrator's panel.
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Kevin Randall
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
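
Added example, not part of the original advisory and not D-Link's code: a generic sketch of the server-side design that closes the weakness described above, where the challenge identifier is unguessable, tied to one session, short-lived and single-use. The names CaptchaStore and CAPTCHA_TTL, the TTL value and the session-id strings are assumptions made for illustration.

```python
import hmac
import secrets
import time

CAPTCHA_TTL = 120  # seconds a challenge stays valid (assumed value)


class CaptchaStore:
    """Server-side challenge table: random id -> (session, answer, expiry)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}

    def issue(self, session_id, answer):
        # 128-bit CSPRNG id: a client cannot guess it or select a different
        # challenge, unlike a small number embedded in the image path.
        cid = secrets.token_urlsafe(16)
        self._pending[cid] = (session_id, answer, self._clock() + CAPTCHA_TTL)
        return cid

    def image_allowed(self, session_id, cid):
        # Serve the image only to the session the challenge was issued to,
        # and only while it is still fresh.
        entry = self._pending.get(cid)
        return (entry is not None
                and entry[0] == session_id
                and self._clock() < entry[2])

    def verify(self, session_id, cid, guess):
        # pop() consumes the challenge on every attempt, right or wrong,
        # so the same CAPTCHA can never be loaded and answered twice.
        entry = self._pending.pop(cid, None)
        if entry is None:
            return False
        owner, answer, expires = entry
        if owner != session_id or self._clock() >= expires:
            return False
        # Constant-time comparison of the submitted answer.
        return hmac.compare_digest(guess.encode(), answer.encode())
```

The login handler would call issue() when rendering the form, gate the image route on image_allowed(), and call verify() before checking credentials.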
