Vulnerability Details CVE-2019-17512
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.04
EPSS Ranking 88.1%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
Products affected by CVE-2019-17512
-
cpe:2.3:h:dlink:dir-412:-
-
cpe:2.3:o:dlink:dir-412_firmware:a1-1.14ww