VYPR
Critical severity9.8NVD Advisory· Published Dec 16, 2017· Updated Jun 17, 2026

CVE-2017-3192

CVE-2017-3192

Description

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 encoding in the returned web page. A remote attacker with access to this page (potentially through a authentication bypass such as CVE-2017-3191) may obtain administrator credentials for the device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.