What is CVE-2019-17506?

CVE-2019-17506 is a vulnerability in N/a. Published 2019-10-11.

Is CVE-2019-17506 known to be exploited?

27 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-17506

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVI…

EPSS: 0.938 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/Goby
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
ArrestX/--POC
Drajoncr/AttackWebFrameworkTools
HimmelAward/Goby_
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes

References

github.com/dahua966/Routers-vuls/blob/master/DIR-868/name&passwd.py (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-17506?: CVE-2019-17506 is a vulnerability in N/a. Published 2019-10-11.
Is CVE-2019-17506 known to be exploited?: 27 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.