D-Link DIR-859 漏洞列表

A critical information disclosure vulnerability exists in D-Link devices where sensitive device account information including credentials can be retrieved by sending an unauthenticated request to `/getcfg.php` endpoint with the parameter `SERVICES=DEVICE.ACCOUNT`. This could allow attackers to obtain administrative credentials and gain full control of the affected device.