coldwx

CVE-2024-40505

The administrator password is disclosed via hedwig.cgi. This allows full admin control of the hardware.

The D-Link DAP-1650 WiFi extender is an End-of-Life (“EOL”) product. There will be no futher updates.

Reference: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10266