1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1
CVE-2019-16340
https://notcve.org/view.php?id=CVE-2019-16340
Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. Los dispositivos Belkin Linksys Velop versión 1.1.8.192419, permiten a atacantes remotos detectar la clave de recuperación mediante una petición directa para el URI /sysinfo_json.cgi. • http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt https://puzzor.github.io/Linksys-Velop-Authentication-bypass https://www.linksys.com/us/support-article?articleNum=207568 • CWE-425: Direct Request ('Forced Browsing') •