![dlink dir-300]()
CVE-2011-4723 is a vulnerability in D-Link Dir 300
Published on December 20, 2011
The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.
Known Exploited Vulnerability
This D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.
The following remediation steps are recommended / required by September 29, 2022: The impacted product is end-of-life and should be disconnected if still in use.
Vulnerability Analysis
Weakness Type
Cleartext Storage of Sensitive Information
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Because the information is stored in cleartext, attackers could potentially read it. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
Products Associated with CVE-2011-4723
Want to know whenever a new CVE is published for D-Link Dir 300? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.