CVE-2019-16190 Information

Description

SharePort Web Access on D-Link DIR-868L REVB through 2.03 DIR-885L REVA through 1.20 and DIR-895L REVA through 1.21 devices allows Authentication Bypass as demonstrated by a direct request to folder_view.php or category_view.php.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://cyberloginit.com/2019/09/10/dlink-shareport-web-access-authentication-bypass.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8