Vulnerability Details : CVE-2019-1010155
D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage
Vulnerability category: Denial of service
Products affected by CVE-2019-1010155
- cpe:2.3:o:dlink:dsl-2750u_firmware:1.11:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-1010155
1.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-1010155
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST | |
9.1
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
3.9
|
5.2
|
NIST |
References for CVE-2019-1010155
-
https://www.youtube.com/watch?v=7sk6agpcA_s
truth of CVE-2019-1010155 - YouTubeExploit;Third Party Advisory
-
http://www.securityfocus.com/bid/109351
D-Link DSL-2750U Multiple Authentication Bypass VulnerabilitiesBroken Link;Third Party Advisory;VDB Entry
-
https://youtu.be/BQQbp2vn_wY
Lizard Vulnerability - YouTubeExploit;Third Party Advisory
-
https://cxsecurity.com/issue/WLB-2018080199
D-Link DSL-2750U Setup Wizard Page Authentication Bypass - CXSecurity.comThird Party Advisory
Jump to