An issue was discovered on D-Link DAP-1650 devices through v1.03b07 before 1.04B02_J65H Hot Fix. Attackers can bypass authentication via forceful browsing.
References
Link | Resource |
---|---|
ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DAP-1650/REVA/DAP-1650_REVA_RELEASE_NOTES_v1.04B02_J65H.pdf | Broken Link |
Configurations
Configuration 1 (hide)
AND |
|
History
04 Jan 2021, 20:00
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:o:dlink:dap-1650_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-1650:-:*:*:*:*:*:*:* |
|
CWE | CWE-287 | |
References | (MISC) ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DAP-1650/REVA/DAP-1650_REVA_RELEASE_NOTES_v1.04B02_J65H.pdf - Broken Link |
30 Dec 2020, 20:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2020-12-30 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2019-12768
Mitre link : CVE-2019-12768
CVE.ORG link : CVE-2019-12768
JSON object : View
Products Affected
dlink
- dap-1650_firmware
- dap-1650
CWE
CWE-425
Direct Request ('Forced Browsing')