Описание
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-20213
- https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f
- https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
Связанные уязвимости
CVSS3: 7.5
nvd
около 6 лет назад
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.