CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-7388

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/106852
https://github.com/leonW7/D-Link/blob/master/Vul_3.md
http://www.securityfocus.com/bid/106852
https://github.com/leonW7/D-Link/blob/master/Vul_3.md

Products affected by CVE-2019-7388

Dlink » Dir-823g » Version: N/A

cpe:2.3:h:dlink:dir-823g:-
Dlink » Dir-823g Firmware » Version: 1.02b03

cpe:2.3:o:dlink:dir-823g_firmware:1.02b03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-7388

Products

Pricing

Contact Us