Authentication Bypass Vulnerability in Web Interface Allowing Man-in-the-Middle Attack

Vulnerability

A vulnerability exists in the web interface due to improper implementation of the authentication mechanism. This flaw allows attackers to bypass authentication checks by sending a crafted post request with new settings, as there is no session token or authentication enforced. Exploiting this vulnerability could enable an attacker to redirect the device's domain name resolution to an arbitrary address, potentially facilitating a man-in-the-middle (MitM) attack.

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of device settings, with the potential to conduct man-in-the-middle attacks by intercepting and altering communications.

Added: Dec 13, 2025, 4:34 PM

Updated: Dec 13, 2025, 4:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

5.9

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

5.9

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Authentication Bypass Vulnerability in Web Interface Allowing Man-in-the-Middle Attack

Vulnerability

Impact

Affected Products

DIVD

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating