CVE-2019-17506

Name of the Vulnerable Software and Affected Versions D-Link DIR-868L version B1-2.03 D-Link DIR-817LW version A1-1.04

Description The issue is related to a lack of authentication requirements in the web interfaces of the affected routers. An attacker can exploit this by using the DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED GROUP=1%0a to access the getcfg.php file, potentially allowing them to obtain the router's username and password, as well as other information. This could enable remote control of the router.

Recommendations For D-Link DIR-868L version B1-2.03, consider restricting access to the getcfg.php file until a patch is available. For D-Link DIR-817LW version A1-1.04, avoid using the DEVICE.ACCOUNT value and AUTHORIZED GROUP=1%0a in the affected API endpoint until the issue is resolved.