CVE-2019-17353
Severity Score
8.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
Se detectó un problema en los dispositivos D-Link DIR-615 con la versión de firmware 20.05 y 20.07. La página wan.htm puede ser accedida directamente sin autenticación, lo que puede conllevar a la divulgación de información sobre la WAN, y también puede ser aprovechada por un atacante para modificar los campos de datos de la página.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-10-08 CVE Reserved
- 2019-10-09 CVE Published
- 2024-08-05 CVE Updated
- 2024-10-02 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353 | Third Party Advisory | |
| https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://us.dlink.com/en/security-advisory | 2021-04-23 | |
| https://www.dlink.com/en/security-bulletin | 2021-04-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dlink Search vendor "Dlink" | Dir-615 Firmware Search vendor "Dlink" for product "Dir-615 Firmware" | 20.05 Search vendor "Dlink" for product "Dir-615 Firmware" and version "20.05" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-615 Search vendor "Dlink" for product "Dir-615" | - | - |
Safe
|
| Dlink Search vendor "Dlink" | Dir-615 Firmware Search vendor "Dlink" for product "Dir-615 Firmware" | 20.07 Search vendor "Dlink" for product "Dir-615 Firmware" and version "20.07" | - |
Affected
| in | Dlink Search vendor "Dlink" | Dir-615 Search vendor "Dlink" for product "Dir-615" | - | - |
Safe
|