CVE-2019-17505

Name of the Vulnerable Software and Affected Versions D-Link DAP-1320 A2 versions prior to V1.21

Description The issue is related to weaknesses in the authentication procedure of the web interface in D-Link DAP-1320 A2 wireless router firmware. This can allow a remote attacker to gain unauthorized access to protected information, including Wi-Fi SSID and password, potentially using a brute-force method to guess the password. An attacker can obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack.

Recommendations For D-Link DAP-1320 A2 versions prior to V1.21, consider disabling remote access to the web interface until a patch is available. Restrict access to the uplink info.xml file to minimize the risk of exploitation. Avoid using default or weak passwords for Wi-Fi networks to reduce the risk of brute-force attacks.