Unrated severityNVD Advisory· Published Mar 25, 2019· Updated Aug 4, 2024
CVE-2019-10041
CVE-2019-10041
Description
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_sys_account/README.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.