CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-16326

D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.3%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://0x62626262.wordpress.com/2019/12/24/dlink-dir-601-router-authentication-bypass-and-csrf/
https://0x62626262.wordpress.com/2019/12/24/dlink-dir-601-router-authentication-bypass-and-csrf/

Products affected by CVE-2019-16326

Dlink » Dir-601 » Version: b1

cpe:2.3:h:dlink:dir-601:b1
Dlink » Dir-601 Firmware » Version: 2.00na

cpe:2.3:o:dlink:dir-601_firmware:2.00na

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16326

Products

Pricing

Contact Us