CVE-2019-17353

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dlink:dir-615_firmware:20.05:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-615_firmware:20.07:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:32

Type Values Removed Values Added
References () https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353 - Third Party Advisory () https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353 - Third Party Advisory
References () https://us.dlink.com/en/security-advisory - Vendor Advisory () https://us.dlink.com/en/security-advisory - Vendor Advisory
References () https://www.dlink.com/en/security-bulletin - Vendor Advisory () https://www.dlink.com/en/security-bulletin - Vendor Advisory
References () https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf - Third Party Advisory, US Government Resource () https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf - Third Party Advisory, US Government Resource

Information

Published : 2019-10-09 12:15

Updated : 2024-11-21 04:32


NVD link : CVE-2019-17353

Mitre link : CVE-2019-17353

CVE.ORG link : CVE-2019-17353


JSON object : View

Products Affected

dlink

  • dir-615
  • dir-615_firmware
CWE
CWE-306

Missing Authentication for Critical Function