What is the severity of CVE-2019-17505?

CVE-2019-17505 is considered a high-severity vulnerability due to the risk of unauthorized Wi-Fi access.

How do I fix CVE-2019-17505?

To mitigate CVE-2019-17505, update your D-Link DAP-1320 A2 router to the latest firmware version that addresses this vulnerability.

What impact does CVE-2019-17505 have on my device?

CVE-2019-17505 allows attackers to access sensitive information, such as Wi-Fi SSID and password, potentially leading to unauthorized network access.

Are there specific models affected by CVE-2019-17505?

CVE-2019-17505 specifically affects the D-Link DAP-1320 A2 router running firmware version 1.21.

Can I exploit CVE-2019-17505 without being on the same network?

Yes, CVE-2019-17505 can be exploited remotely, allowing attackers to obtain Wi-Fi credentials without being physically present on the network.

Vulnerability/
CVE-2019-17505

high

7.5

CWE

306

11/10/2019

5/8/2024

CVE-2019-17505

First published: Fri Oct 11 2019(Updated: )

D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplink_info.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Dlink DAP-1320 A2 Firmware	=1.21
Dlink DAP-1320 A2 Firmware

Never miss a vulnerability like this again

Reference Links

https://github.com/dahua966/Routers-vuls/blob/master/DAP-1320/vuls_poc.md

Frequently Asked Questions

What is the severity of CVE-2019-17505?
CVE-2019-17505 is considered a high-severity vulnerability due to the risk of unauthorized Wi-Fi access.
How do I fix CVE-2019-17505?
To mitigate CVE-2019-17505, update your D-Link DAP-1320 A2 router to the latest firmware version that addresses this vulnerability.
What impact does CVE-2019-17505 have on my device?
CVE-2019-17505 allows attackers to access sensitive information, such as Wi-Fi SSID and password, potentially leading to unauthorized network access.
Are there specific models affected by CVE-2019-17505?
CVE-2019-17505 specifically affects the D-Link DAP-1320 A2 router running firmware version 1.21.
Can I exploit CVE-2019-17505 without being on the same network?
Yes, CVE-2019-17505 can be exploited remotely, allowing attackers to obtain Wi-Fi credentials without being physically present on the network.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/references
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dlink
canonical/dlink dap-1320 a2 firmware
version/dlink dap-1320 a2 firmware/1.21

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2019-17505?
CVE-2019-17505 is considered a high-severity vulnerability due to the risk of unauthorized Wi-Fi access.
How do I fix CVE-2019-17505?
To mitigate CVE-2019-17505, update your D-Link DAP-1320 A2 router to the latest firmware version that addresses this vulnerability.
What impact does CVE-2019-17505 have on my device?
CVE-2019-17505 allows attackers to access sensitive information, such as Wi-Fi SSID and password, potentially leading to unauthorized network access.
Are there specific models affected by CVE-2019-17505?
CVE-2019-17505 specifically affects the D-Link DAP-1320 A2 router running firmware version 1.21.
Can I exploit CVE-2019-17505 without being on the same network?
Yes, CVE-2019-17505 can be exploited remotely, allowing attackers to obtain Wi-Fi credentials without being physically present on the network.