CVE-2019-7642
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can re
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
HIGH · CVSS 7.5
EPSS 0.1087
Act now
- EPSS ≥ 0.10 - elevated exploitation probability
- EPSS percentile: top 6% of all CVEs by exploitation likelihood
- Public exploit or PoC is available
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0