CVE-2019-19224

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface Firmware EU1.03 allows an attacker to download the configuration binary file settings by submitting a rom-0 GET request without being authenticated on the admin interface...