CVE-2024-3843821.07.2024, 08:15D-Link - CWE-294: Authentication Bypass by Capture-replayEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST9.8 CRITICALNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HINCDCNA9.8 CRITICALNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCISA-ADPADP------CVEADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 68%Common Weakness EnumerationCWE-294 - Authentication Bypass by Capture-replayA capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).Referenceshttps://www.gov.il/en/Departments/faq/cve_advisorieshttps://www.gov.il/en/Departments/faq/cve_advisories