Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
D-Link
Dir 868Lw Firmware
NVD
GitHub
VulDB
CVSS 3.1
5.3
EPSS
2.2%