all InfoSec news
D-Link D-View 8 Unauthenticated Probe-Core Server Communication
Tenable Research Advisories www.tenable.com
A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info
An unauthenticated remote attacker can register a host of his/her choice as a Probe server by sending a 'probe-online' task to the Core server. The attacker can create many bogus, attacker-controlled Probe servers on the Core server, polluting the D-View …
attacker communication disclosure d-link host inventory issue link probe register result security server service unauthenticated