CVE-2019-7642
First published: Mon Mar 25 2019(Updated: )
D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10).
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| D-Link DIR-817LW Firmware | =1.04 | |
| D-Link DIR-817LW | =a1 | |
| All of | ||
| D-Link DIR-816L Firmware | =2.06 | |
| D-Link DIR-816L | =b1 | |
| All of | ||
| D-Link DIR-816L Firmware | =2.06 | |
| D-Link DIR-816 Firmware | =b1 | |
| All of | ||
| D-Link DIR-850L Firmware | =1.09 | |
| D-Link DIR-850L Firmware | =a1 | |
| All of | ||
| D-Link DIR-868L Firmware | =1.10 | |
| D-Link DIR-868L Firmware | =a1 | |
| D-Link DIR-817LW Firmware | =1.04 | |
| D-Link DIR-817LW | =a1 | |
| D-Link DIR-816L Firmware | =2.06 | |
| D-Link DIR-816L | =b1 | |
| D-Link DIR-816L Firmware | =2.06 | |
| D-Link DIR-816 Firmware | =b1 | |
| D-Link DIR-850L Firmware | =1.09 | |
| D-Link DIR-850L Firmware | =a1 | |
| D-Link DIR-868L Firmware | =1.10 | |
| D-Link DIR-868L Firmware | =a1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-7642?
CVE-2019-7642 is a vulnerability that affects D-Link routers with the mydlink feature, allowing attackers to remotely obtain users' DNS query logs and login logs.
Which D-Link routers are affected by CVE-2019-7642?
D-Link routers with the mydlink feature, specifically the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816, DIR-850L, and DIR-868L are affected by CVE-2019-7642.
How severe is CVE-2019-7642?
CVE-2019-7642 has a severity rating of 7.5 (high).
How can I fix CVE-2019-7642?
To fix CVE-2019-7642, make sure to update your D-Link router firmware to the latest version provided by the vendor.
Where can I find more information about CVE-2019-7642?
More information about CVE-2019-7642 can be found at the following link: [https://github.com/xw77cve/CVE-2019-7642/blob/master/README.md](https://github.com/xw77cve/CVE-2019-7642/blob/master/README.md)
- agent/type
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/author
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/dlink
- canonical/d-link dir-817lw firmware
- version/d-link dir-817lw firmware/1.04
- canonical/d-link dir-817lw
- version/d-link dir-817lw/a1
- canonical/d-link dir-816l firmware
- version/d-link dir-816l firmware/2.06
- canonical/d-link dir-816l
- version/d-link dir-816l/b1
- canonical/d-link dir-816 firmware
- version/d-link dir-816 firmware/b1
- canonical/d-link dir-850l firmware
- version/d-link dir-850l firmware/1.09
- version/d-link dir-850l firmware/a1
- canonical/d-link dir-868l firmware
- version/d-link dir-868l firmware/1.10
- version/d-link dir-868l firmware/a1