CVE-2019-16327
CRITICAL WAF: Low
CVSS 9.8
Published: 2019-12-26
CWE-287
D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| dlink | dir-601_firmware | 2.00na |
References
- 0x62626262.wordpress.com (Exploit, Third Party Advisory)