Broken Access Control in D-Link DAP-1325 Wireless Range Extender
Posted: Wed Dec 17, 2025 2:13 am
The D-Link DAP-1325 contains a vulnerability that allows attackers to exploit a broken access control mechanism. By accessing the /cgi-bin/ExportSettings.sh endpoint, unauthorized users can download sensitive device configuration settings without requiring any authentication. This exposes critical information that could undermine network security, making it vital for users to secure their devices against potential exploits.
https://securityvulnerability.io/vulner ... 2023-53896
https://securityvulnerability.io/vulner ... 2023-53896