| D-LINK DIR-845L router that allows information disclosure through the bsc_sms_inbox.php file. The vulnerability arises from improper handling of the include() function, which can be exploited by manipulating the $file variable. This allows attackers to include arbitrary PHP scripts and potentially retrieve sensitive information such as the router's username and password. |
