Dlink: >> Dir-412 Firmware Security Vulnerabilities
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.
CVSS Score
9.1
EPSS Score
0.04
Published
2019-10-16
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
CVSS Score
7.5
EPSS Score
0.044
Published
2019-10-14