Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-13372

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.905
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2019-13372


Contact Us

Shodan ® - All rights reserved