Devendra Singh Solanki - Security Researcher - Exploit Intelligence Platform

CVE-2019-13101 WRITEUP CRITICAL WRITEUP

D-Link DIR-600M Firmware 3.02-3.06 - Unauthenticated Information Disclosure and Data Modification via wan.htm

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.

CVSS 9.8

View Code

CVE-2019-17353 WRITEUP HIGH WRITEUP

D-Link DIR-615 Firmware 20.05 and 20.07 - Unauthenticated Information Disclosure and Data Modification via wan.htm

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.

CVSS 8.2

View Code

CVE-2019-17354 WRITEUP CRITICAL WRITEUP

Zyxel NBG-418N v2 Firmware V1.00(AARP.9)C0 - Unauthenticated Information Disclosure and Data Modification via wan.htm

wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.

CVSS 9.4

View Code

CVE-2019-13101 EXPLOITDB CRITICAL ruby SCANNER

D-Link DIR-600M Firmware 3.02-3.06 - Unauthenticated Information Disclosure and Data Modification via wan.htm

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.

CVSS 9.8

View Code