exploitDog

CVE-2019-6969

Опубликовано: 02 авг. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use).

Ссылки

https://rhaidiz.net/2019/02/27/dribble-router-vulns-dlink-alcatel-cve-2019-6969-cve-2019-6968-cve-2019-7163/
Exploit
Third Party Advisory
https://rhaidiz.net/2019/02/27/dribble-router-vulns-dlink-alcatel-cve-2019-6969-cve-2019-6968-cve-2019-7163/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dva-5592_firmware:20180823:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dva-5592:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00421

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-chp2-g3wx-3mc5

github

больше 3 лет назад

The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that allows an unauthenticated user to have access to sensitive information such as the Wi-Fi password and the phone number (if VoIP is in use).

EPSS

Процентиль: 61%

0.00421

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79