CVE-2019-16190

CRITICAL

D-Link DIR-868L/DIR-885L/DIR-895L - Auth Bypass

Title source: llm

Description

SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to folder_view.php or category_view.php.

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://cyberloginit.com/2019/09/10/dlink-shareport-web-access-authentication-bypass.html

Scores

CVSS v3 9.8

EPSS 0.0090

EPSS Percentile 75.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (3)

dlink/dir-868l_firmware < 2.03

dlink/dir-885l_firmware < 1.20

dlink/dir-895l_firmware < 1.21

Published Sep 09, 2019

Tracked Since Feb 18, 2026