PT-2019-4147 · D Link · D-Link Dir-600

Devendra Singh Solanki · Published 2019-08-08 · Updated 2021-04-23 · CVE-2019-13101

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: D-Link DIR-600M versions 3.02 through 3.06

Description: An issue was discovered related to the wan.htm component, which can be accessed directly without authentication. This can lead to the disclosure of information about the WAN and can also be leveraged by an attacker to modify the data fields of the page. The vulnerability is associated with authentication errors in the D-Link DIR-600M Wi-Fi router's firmware. Exploitation of the vulnerability can allow a remote attacker to gain unauthorized access to protected information and modify configuration settings.

Recommendations: For versions 3.02 through 3.06, consider restricting access to the wan.htm page until a patch is available. As a temporary workaround, avoid using the wan.htm page for configuration changes to minimize the risk of exploitation.

Exploit

Fix

Missing Authentication

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2019-04727
CVE-2019-13101

Affected Products

D-Link Dir-600