Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dlink Subscribe
Filtered by product Dir-412
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17511 1 Dlink 2 Dir-412, Dir-412 Firmware 2020-08-24 5.0 MEDIUM 7.5 HIGH
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
CVE-2019-17512 1 Dlink 2 Dir-412, Dir-412 Firmware 2020-08-24 6.4 MEDIUM 9.1 CRITICAL
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.