Vulnerability Details CVE-2019-20213
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f
- https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
- https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f
- https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
Products affected by CVE-2019-20213
-
cpe:2.3:h:dlink:dir-818lx:-
-
cpe:2.3:h:dlink:dir-822:-
-
cpe:2.3:h:dlink:dir-823:-
-
cpe:2.3:h:dlink:dir-859:-
-
cpe:2.3:h:dlink:dir-865l:-
-
cpe:2.3:h:dlink:dir-868l:-
-
cpe:2.3:h:dlink:dir-869:-
-
cpe:2.3:h:dlink:dir-880l:-
-
cpe:2.3:h:dlink:dir-885l:-
-
cpe:2.3:h:dlink:dir-885r:-
-
cpe:2.3:h:dlink:dir-890l:-
-
cpe:2.3:h:dlink:dir-890r:-
-
cpe:2.3:h:dlink:dir-895l:-
-
cpe:2.3:h:dlink:dir-895r:-
-
cpe:2.3:o:dlink:dir-818lx_firmware:-
-
cpe:2.3:o:dlink:dir-822_firmware:-
-
cpe:2.3:o:dlink:dir-822_firmware:1.0.2
-
cpe:2.3:o:dlink:dir-822_firmware:2.00krb06
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb01
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb05
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb06
-
cpe:2.3:o:dlink:dir-822_firmware:2.03b01
-
cpe:2.3:o:dlink:dir-822_firmware:3.01
-
cpe:2.3:o:dlink:dir-822_firmware:3.10b06
-
cpe:2.3:o:dlink:dir-822_firmware:3.12b04
-
cpe:2.3:o:dlink:dir-823_firmware:-
-
cpe:2.3:o:dlink:dir-823_firmware:1.00
-
cpe:2.3:o:dlink:dir-823_firmware:1.00b06
-
cpe:2.3:o:dlink:dir-859_firmware:1.03.b04
-
cpe:2.3:o:dlink:dir-859_firmware:1.05
-
cpe:2.3:o:dlink:dir-859_firmware:1.05b03
-
cpe:2.3:o:dlink:dir-859_firmware:1.06b01
-
cpe:2.3:o:dlink:dir-865l_firmware:-
-
cpe:2.3:o:dlink:dir-865l_firmware:1.07b01
-
cpe:2.3:o:dlink:dir-868l_firmware:-
-
cpe:2.3:o:dlink:dir-868l_firmware:1.10
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12b04
-
cpe:2.3:o:dlink:dir-868l_firmware:2.00
-
cpe:2.3:o:dlink:dir-868l_firmware:2.01
-
cpe:2.3:o:dlink:dir-868l_firmware:2.03
-
cpe:2.3:o:dlink:dir-868l_firmware:2.05b02
-
cpe:2.3:o:dlink:dir-869_firmware:-
-
cpe:2.3:o:dlink:dir-869_firmware:1.03b02
-
cpe:2.3:o:dlink:dir-880l_firmware:-
-
cpe:2.3:o:dlink:dir-880l_firmware:1.07
-
cpe:2.3:o:dlink:dir-880l_firmware:1.07.b08
-
cpe:2.3:o:dlink:dir-880l_firmware:1.08b04
-
cpe:2.3:o:dlink:dir-885l_firmware:-
-
cpe:2.3:o:dlink:dir-885l_firmware:1.02
-
cpe:2.3:o:dlink:dir-885l_firmware:1.11
-
cpe:2.3:o:dlink:dir-885l_firmware:1.12b05
-
cpe:2.3:o:dlink:dir-885r_firmware:-
-
cpe:2.3:o:dlink:dir-885r_firmware:1.12b05
-
cpe:2.3:o:dlink:dir-890l_firmware:-
-
cpe:2.3:o:dlink:dir-890l_firmware:1.05
-
cpe:2.3:o:dlink:dir-890l_firmware:1.07b09
-
cpe:2.3:o:dlink:dir-890l_firmware:1.09
-
cpe:2.3:o:dlink:dir-890l_firmware:1.11b01
-
cpe:2.3:o:dlink:dir-890r_firmware:-
-
cpe:2.3:o:dlink:dir-890r_firmware:1.11b01
-
cpe:2.3:o:dlink:dir-895l_firmware:-
-
cpe:2.3:o:dlink:dir-895l_firmware:1.02
-
cpe:2.3:o:dlink:dir-895l_firmware:1.11
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12b10
-
cpe:2.3:o:dlink:dir-895r_firmware:-
-
cpe:2.3:o:dlink:dir-895r_firmware:1.12b10