Vulnerability Details CVE-2019-16190
SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to folder_view.php or category_view.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-16190
-
cpe:2.3:h:dlink:dir-868l:b
-
cpe:2.3:h:dlink:dir-885l:a
-
cpe:2.3:h:dlink:dir-895l:a
-
cpe:2.3:o:dlink:dir-868l_firmware:-
-
cpe:2.3:o:dlink:dir-868l_firmware:1.10
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12b04
-
cpe:2.3:o:dlink:dir-868l_firmware:2.00
-
cpe:2.3:o:dlink:dir-868l_firmware:2.01
-
cpe:2.3:o:dlink:dir-868l_firmware:2.03
-
cpe:2.3:o:dlink:dir-885l_firmware:-
-
cpe:2.3:o:dlink:dir-885l_firmware:1.02
-
cpe:2.3:o:dlink:dir-885l_firmware:1.11
-
cpe:2.3:o:dlink:dir-885l_firmware:1.12b05
-
cpe:2.3:o:dlink:dir-885l_firmware:1.13
-
cpe:2.3:o:dlink:dir-885l_firmware:1.20
-
cpe:2.3:o:dlink:dir-895l_firmware:-
-
cpe:2.3:o:dlink:dir-895l_firmware:1.02
-
cpe:2.3:o:dlink:dir-895l_firmware:1.11
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12b10
-
cpe:2.3:o:dlink:dir-895l_firmware:1.13
-
cpe:2.3:o:dlink:dir-895l_firmware:1.13b03
-
cpe:2.3:o:dlink:dir-895l_firmware:1.20
-
cpe:2.3:o:dlink:dir-895l_firmware:1.21