First published: Mon Sep 09 2019(Updated: )
SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to folder_view.php or category_view.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-868l Firmware | <=2.03 | |
Dlink Dir-868l | =b | |
Dlink Dir-885l Firmware | <=1.20 | |
Dlink Dir-885l | =a | |
Dlink Dir-895l Firmware | <=1.21 | |
Dlink Dir-895l | =a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-16190 is critical with a severity value of 9.8.
CVE-2019-16190 affects D-Link DIR-868L devices with firmware up to version 2.03.
CVE-2019-16190 affects D-Link DIR-885L devices with firmware up to version 1.20.
CVE-2019-16190 affects D-Link DIR-895L devices with firmware up to version 1.21.
No, D-Link DIR-868L device version 'b' is not vulnerable to CVE-2019-16190.
No, D-Link DIR-885L device version 'a' is not vulnerable to CVE-2019-16190.
No, D-Link DIR-895L device version 'a' is not vulnerable to CVE-2019-16190.
To fix CVE-2019-16190, apply the latest firmware update provided by D-Link.
You can find more information about CVE-2019-16190 at the following link: https://cyberloginit.com/2019/09/10/dlink-shareport-web-access-authentication-bypass.html
The Common Weakness Enumeration (CWE) ID for CVE-2019-16190 is 287.