Back to KEVs

CVE-2019-17506

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the...

Basic Information

CVE State: PUBLISHED
Reserved Date: October 11, 2019
Published Date: October 11, 2019
Last Updated: August 05, 2024
Vendor: D-Link
Product: DIR-868L, DIR-817LW
Description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
Tags

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

Score: 92.62% (Percentile: 99.73%) as of 2025-05-25

Exploit Status

Exploited in the Wild: Yes (2025-05-09 00:00:00 UTC) Source

References

https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-04-27 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-17506.yaml	2025-04-26 00:00:00 UTC

Timeline

CVE ID Reserved

October 11, 2019
CVE Published to Public

October 11, 2019
Detected by Nuclei

April 26, 2025
Added to KEVIntel

April 27, 2025