daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

description and relevant reference

patch-1
Noam Rathaus 2021-03-26 09:53:07 +03:00
parent 33755631fe
commit e942511845
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2019/CVE-2019-17506.yaml
View File

@ -4,7 +4,8 @@ info:
name: DLINK DIR-868L & DIR-817LW Info Leak
author: pikpikcu
severity: critical
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17506
description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
reference: https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py
tags: cve,cve2019,dlink
requests: