1 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 2

D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). Los routers D-Link con la funcionalidad mydlink presentan algunas interfaces web sin requerimientos de autenticación. • https://github.com/xw77cve/CVE-2019-7642 https://github.com/xw77cve/CVE-2019-7642/blob/master/README.md • CWE-306: Missing Authentication for Critical Function •