Vulnerabilities > CVE-2019-17525 - Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-615 Firmware 20.10
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Hardware | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| id | EDB-ID:48551 |
| last seen | 2020-06-04 |
| modified | 2020-06-04 |
| published | 2020-06-04 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/48551 |
| title | D-Link DIR-615 T1 20.10 - CAPTCHA Bypass |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/157936/dlinkdir615-captchabypass.txt |
| id | PACKETSTORM:157936 |
| last seen | 2020-06-05 |
| published | 2020-06-04 |
| reporter | Huzaifa Hussain |
| source | https://packetstormsecurity.com/files/157936/D-Link-DIR-615-T1-20.10-CAPTCHA-Bypass.html |
| title | D-Link DIR-615 T1 20.10 CAPTCHA Bypass |