11 matches found
CVE-2019-19226
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19226
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19223
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface...
Improper access control
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to download the configuration binary file settings by submitting a rom-0 GET request without being authenticated on the admin interface...
Improper access control
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19226
CVE-2019-19226 affects D-Link DSL-2680 (Firmware EU_1.03) web administration. A Broken Access Control flaw in the Forms/WlanMacFilter_1 POST handling allows an unauthenticated attacker to enable/disable MAC address filtering. The root cause is improper access restrictions on the MAC-filter config...
CVE-2019-19225
The CVE-2019-19225 issue affects the D-Link DSL-2680 web administration interface (firmware EU_1.03). The vulnerability is a Broken Access Control in the web UI, enabling an unauthenticated attacker to change DNS servers by submitting a crafted Forms/dns_1 POST request. Impact is unauthorized mod...
CVE-2019-19224
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to download the configuration binary file settings by submitting a rom-0 GET request without being authenticated on the admin interface...
CVE-2019-19223
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface...
CVE-2019-19223
The CVE-2019-19223 issue affects the D-Link DSL-2680 router (EU firmware EU_1.03) where the web administration interface’s reboot.html endpoint is accessible without authentication. Root cause: Broken access control in the admin UI allows an unauthenticated user to trigger a reboot, impacting ava...
CVE-2019-19222
A Stored XSS issue in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wirelessautonetwork1 POST request...