Vulnerability Description
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-615 Firmware | 20.05 |
| Dlink | Dir-615 | - |
Related Weaknesses (CWE)
References
- https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353Third Party Advisory
- https://us.dlink.com/en/security-advisoryVendor Advisory
- https://www.dlink.com/en/security-bulletinVendor Advisory
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgmeThird Party AdvisoryUS Government Resource
- https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353Third Party Advisory
- https://us.dlink.com/en/security-advisoryVendor Advisory
- https://www.dlink.com/en/security-bulletinVendor Advisory
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgmeThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-17353?
CVE-2019-17353 is a vulnerability with a CVSS score of 8.2 (HIGH). An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN,...
How severe is CVE-2019-17353?
CVE-2019-17353 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-17353?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-615 Firmware, Dlink Dir-615.