Security Advisory

CVE-2023-53896

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-16 17:06:19

Last updated 2026-04-07 14:07:20

Assigner VulnCheck

State PUBLISHED

Description

D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit the /cgi-bin/ExportSettings.sh endpoint to retrieve sensitive configuration information by directly accessing the export settings script.

← Browse all CVEs View on cve.org ↗