PT-2020-10102 · D Link · D-Link Dsl-2680

Published 2020-03-04 · Updated 2023-04-26 · CVE-2019-19223

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DSL-2680 version EU 1.03

Description

A Broken Access Control issue in the web administration interface allows an attacker to reboot the router by submitting a "reboot.html" GET request without being authenticated on the admin interface.

Recommendations

For D-Link DSL-2680 version EU 1.03, as a temporary workaround, consider restricting access to the "reboot.html" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

HTTP Request/Response Smuggling

XSS

Weakness Enumeration

Related Identifiers

CVE-2019-19223

Affected Products

D-Link Dsl-2680