PT-2019-4342 · D Link · Dir-868L+2

Published: 2019-09-09 · Updated: 2021-04-23 · CVE-2019-16190

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DIR-868L REVB versions 2.03 and earlier
D-Link DIR-885L REVA versions 1.20 and earlier
D-Link DIR-895L REVA versions 1.21 and earlier

Description

The issue is in the SharePort Web Access function in the firmware of D-Link routers, which has authentication weaknesses. A direct request to folder_view.php or category_view.php bypasses authentication. The vulnerability can be exploited remotely, potentially allowing an attacker to elevate their privileges.

Recommendations

For D-Link DIR-868L REVB versions 2.03 and earlier, update to a version later than 2.03 to resolve the issue.
For D-Link DIR-885L REVA versions 1.20 and earlier, update to a version later than 1.20 to resolve the issue.
For D-Link DIR-895L REVA versions 1.21 and earlier, update to a version later than 1.21 to resolve the issue.

As a temporary workaround, consider restricting access to folder_view.php and category_view.php until a patch is available.

Exploit

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2020-00060
CVE-2019-16190

Affected Products

Dir-868L
Dir-885L
Dir-895L