CVE-2019-6961
- Severity Score: -
- Exploit Likelihood: -
- Affected Versions: -
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -
Descriptions
Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls.
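The description above boils down to an authorization check that lives in the page-rendering path (header.php) and is therefore skipped when a privileged action is invoked directly through an AJAX POST to the PHP backend. The following is an added illustration, not code from the RDK project: it contrasts the weak pattern with a handler that enforces the operator-only check on every request before dispatching. The action names, session layout and helper functions are assumptions made for the example.

```php
<?php
// Added example (hypothetical, not RDK's actionHandlerUtility.php): authorization must be
// enforced in the action handler itself, for every HTTP method, not only while rendering a page.

session_start();

// Assumed list of configuration actions reserved for the network operator.
const OPERATOR_ONLY_ACTIONS = ['ddns_set', 'qos_set', 'rip_set'];

function currentUserIsSuperuser(): bool
{
    // Assumed session layout: the role is set at login, never taken from request parameters.
    return isset($_SESSION['role']) && $_SESSION['role'] === 'superuser';
}

function isAjaxRequest(): bool
{
    return strcasecmp($_SERVER['HTTP_X_REQUESTED_WITH'] ?? '', 'XMLHttpRequest') === 0;
}

// Weak pattern (the shape of the flaw described in the advisory): the only guard runs in the
// page header and only for GET, so a direct POST to the backend never reaches it.
function weakPageGuard(): void
{
    if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'GET' && !currentUserIsSuperuser()) {
        http_response_code(403);
        exit('Access denied');
    }
}

// Hardened pattern: the check is unconditional; only the response format depends on the
// request type. Denied attempts are logged so they can be alerted on.
function requireSuperuser(string $action): void
{
    if (currentUserIsSuperuser()) {
        return;
    }
    error_log(sprintf('authz denied: user=%s action=%s method=%s',
        $_SESSION['user'] ?? 'anonymous', $action, $_SERVER['REQUEST_METHOD'] ?? 'GET'));
    http_response_code(403);
    if (isAjaxRequest()) {
        header('Content-Type: application/json');
        echo json_encode(['error' => 'forbidden']);
    } else {
        echo 'Access denied';
    }
    exit;
}

// Backend entry point: authorize the requested action before doing any work with it.
$action = $_POST['action'] ?? $_GET['action'] ?? '';
if (in_array($action, OPERATOR_ONLY_ACTIONS, true)) {
    requireSuperuser($action);
}
// ... dispatch $action to its handler only after the check has passed
```

The check is keyed on the privileged action, not on how the request arrived, which is what closes the gap between the GET-only page filter and the AJAX path; the `error_log` line gives operations a hook for detecting repeated denied attempts from a non-operator session.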
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-01-25 CVE Reserved
- 2019-06-20 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-862: Missing Authorization
CAPEC
References (1)
URL | Tag | Source
---|---|---
https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open | Third Party Advisory | -
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Rdkcentral | Rdkb Ccsppandm | rdkb-20181217-1 | - | Affected