Unrated severityNVD Advisory· Published May 20, 2005· Updated Apr 16, 2026

CVE-2005-1680

Description

D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address.

Affected products

D-Link/Dsl 502t
cpe:2.3:h:d-link:dsl-502t:*:*:*:*:*:*:*:*
D-Link/Dsl 504t
cpe:2.3:h:d-link:dsl-504t:*:*:*:*:*:*:*:*
D-Link/Dsl 562t
cpe:2.3:h:d-link:dsl-562t:*:*:*:*:*:*:*:*
D-Link/Dsl G604t
cpe:2.3:h:d-link:dsl-g604t:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

marc.infonvd
www.vupen.com/english/advisories/2005/0573nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000