Vulnerability Details CVE-2019-17511
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.044
EPSS Ranking 88.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-17511
-
cpe:2.3:h:dlink:dir-412:-
-
cpe:2.3:o:dlink:dir-412_firmware:a1-1.14ww