Posted by Karn Ganeshen on Feb 03
DLink DVGN5402SP File Path Traversal, Weak Credentials Management, and
Sensitive Info Leakage Vulnerabilities
*Timelines*
Reported to CERT + Vendor: August 2015
Dlink released beta release: Oct 23, 2015
New fix release: MD5 (GRNV6.1U23J-83-DL-R1B114-SG_Normal.EN.img) =
04fd8b901e9f297a4cdbea803a9a43cb
No public disclosure till date – Dlink waiting for Service providers to ask
for new release + CERT opted out
*Vulnerable Models, Firmware,…