Vulnerability Description
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-600M Firmware | 3.02 |
| Dlink | Dir-600M | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2019/Aug/5Mailing ListThird Party Advisory
- https://github.com/d0x0/D-Link-DIR-600M/blob/master/CVE-2019-13101Third Party Advisory
- https://seclists.org/bugtraq/2019/Aug/17Mailing ListThird Party Advisory
- https://us.dlink.com/en/security-advisoryVendor Advisory
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgmeThird Party AdvisoryUS Government Resource
- http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2019/Aug/5Mailing ListThird Party Advisory
- https://github.com/d0x0/D-Link-DIR-600M/blob/master/CVE-2019-13101Third Party Advisory
- https://seclists.org/bugtraq/2019/Aug/17Mailing ListThird Party Advisory
- https://us.dlink.com/en/security-advisoryVendor Advisory
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgmeThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-13101?
CVE-2019-13101 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and c...
How severe is CVE-2019-13101?
CVE-2019-13101 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-13101?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-600M Firmware, Dlink Dir-600M.