9 matches found
CVE-2019-19226
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19226
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19223
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface...
Improper access control
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to download the configuration binary file settings by submitting a rom-0 GET request without being authenticated on the admin interface...
Improper access control
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter1 POST request without being authenticated on the admin interface...
CVE-2019-19224
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to download the configuration binary file settings by submitting a rom-0 GET request without being authenticated on the admin interface...
CVE-2019-19223
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface...
CVE-2019-19223
The CVE-2019-19223 issue affects the D-Link DSL-2680 router (EU firmware EU_1.03) where the web administration interface’s reboot.html endpoint is accessible without authentication. Root cause: Broken access control in the admin UI allows an unauthenticated user to trigger a reboot, impacting ava...
CVE-2019-19222
A Stored XSS issue in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wirelessautonetwork1 POST request...