D-Link DSL-124 Wireless N 300 ADSL2+ Modem Router Session Hijacking Vulnerability

Vulnerability

A session management vulnerability has been identified in the D-Link Wireless N 300 ADSL2+ Modem Router DSL-124, specifically in the ME_1.00 firmware version. This vulnerability allows attackers to execute session hijacking attacks by spoofing the IP address of an authenticated user. The router's web interface lacks proper session management, relying solely on IP addresses for authentication, which can be exploited by attackers on the local network to gain unauthorized administrative access.

Impact

Exploitation of this vulnerability allows for unauthorized administrative access to the router's web management interface, enabling attackers to perform arbitrary administrative actions without valid credentials.

Added: Feb 26, 2026, 4:48 PM

Updated: Feb 26, 2026, 8:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

3.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

3.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DSL-124 Wireless N 300 ADSL2+ Modem Router Session Hijacking Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating